Wednesday

Room 4

10:15 - 11:15 (UTC+02)

Talk (60 min)

Signed Integers Considered Harmful

A common misconception among C++ developers is that signed integers should be the default integer type, or put another way, that unsigned integers should only be used when modulo behavior is desired.

C++
C
Embedded
Security
Language

In reality, for safe, secure, and performant systems the opposite is true and unsigned integers should be the default type for representing integer that cannot have negative values. This goal of this presentation is to provide an irrefutable argument supporting this assertion and put an end to the madness.

Robert Seacord

Robert Seacord is a Technical Director at NCC Group, where he develops and delivers secure coding training in C, C++, and other languages. Robert is an expert on ISO/IEC JTC1/SC22/WG14, the international standardization working group for the C programming language. He is the author of seven books, including Effective C (No Starch, 2020), The CERT C Coding Standard, Second Edition (Addison-Wesley, 2014),
Secure Coding in C and C++, Second Edition (Addison-Wesley, 2013), and Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs (Addison-Wesley, 2014). He has also published more than 50 papers on software security, component-based software engineering, web-based system design, legacy-system modernization, component repositories and search engines, and user interface design and development.