**1. Null‑terminated strings are a historic mistake**
> "the zero terminated string is I think is computing's biggest mistake. Pascal style strings were much safer." — mrlonglong
**2. AI‑generated code can inherit existing bugs**
> "AI was trained on existing data … those bugs are in the training data … So when AI generates C code, is it going to avoid making the mistakes that human code made? No, it's going to generate the kind of code it was trained on." — fragmede
**3. `strncpy` and similar APIs cause security issues**
> "The strncpy function within the Linux kernel has been a 'persistent source of bugs' for years." — rswail
> "strncpy doesn't actually necessarily terminate – it can leave the destination unterminated." — GabrielTFS
**4. Modern languages replace unsafe C patterns with safe abstractions**
> "Zig also forbids null pointers and requires use of optionals." — dietr1ch
> "Rust’s Option<T> uses niche optimization to encode `None` in unused pointer bits." — pdimitar
**5. Language design was driven by resource constraints, not safety**
> "It was so that B code could be compiled as C with minimal changes. The designer felt that this would encourage people to switch from B to C." — lelanthran
Linux eliminates the strncpy API after six years of work, 360 patches
📝 Discussion Summary (Click to expand)
🚀 Project Ideas
SafeStringLinter
Summary
- Detects and flags unsafe zero‑terminated string patterns in C code that lead to off‑by‑one and buffer‑overflow bugs.
- Automatically suggests or applies fixes by converting to counted strings (length‑prefixed structs) with compile‑time linting.
- Core Value: Reduces security‑critical string bugs without requiring a full language rewrite.
Details
| Key | Value |
|---|---|
| Target Audience | C systems programmers, kernel maintainers, security‑focused devs |
| Core Feature | Static analysis + auto‑fix for zero‑terminated strings, integrated with clang‑tidy |
| Tech Stack | Python + clang‑tooling, Docker, JSON config |
| Difficulty | Medium |
| Monetization | Hobby |
Notes
- HN commenters repeatedly cite “hundreds of off‑by‑one … memory overwrites” (jackbucks) and “AI will nerf everything” (fragmede) – a tool that guarantees safe string handling would be a direct remedy.
- Provides immediate practical utility for large legacy codebases while also serving as a discussion catalyst about modernizing C string APIs.
PascalStringForC
Summary
- Introduces a header‑only Pascal‑style string type (length‑prefixed, bounds‑checked) for C, eliminating reliance on NUL termination.
- Provides seamless interop with existing C APIs via wrapper macros, enabling safer string handling in embedded and kernel contexts.
- Core Value: Safer, predictable string operations with minimal performance overhead.
Details
| Key | Value |
|---|---|
| Target Audience | Embedded developers, C programmers seeking safer string APIs |
| Core Feature | Header‑only library offering Pascal‑style strings with compile‑time length checks |
| Tech Stack | C, CMake, GitHub Pages documentation |
| Difficulty | Low |
| Monetization | Revenue-ready: One-time license $29 |
Notes
- Quote from mrlonglong: “Pascal style strings were much safer” – this library directly addresses that pain point.
- Sparks discussion on adopting length‑prefixed strings in systems code and how they compare to zero‑terminated alternatives.
LLMStringGuard
Summary
- VS Code extension that scans LLM‑generated C code for unsafe string manipulations (e.g., missing NUL, off‑by‑one) and suggests secure replacements.
- Uses an LLM API to provide inline fix suggestions with confidence scores, enabling developers to review before commit.
- Core Value: Cuts down on AI‑induced string bugs while preserving the productivity gains of code‑generation tools.
Details
| Key | Value |
|---|---|
| Target Audience | Developers using AI‑assisted code generation, security‑aware teams |
| Core Feature | AI‑driven code review for unsafe string patterns with auto‑suggested fixes |
| Tech Stack | TypeScript, WebAssembly, OpenAI / Anthropic API wrapper |
| Difficulty | Medium |
| Monetization | Revenue-ready: Subscription $15/mo |
Notes
- Directly responds to fragmede’s question “Why is AI gonna nerf everything?” by giving a concrete safety net for AI‑generated code.
- Generates lively conversation on HN about the limits of AI in preventing memory‑safety bugs.
CountedString Builder
Summary
- CLI utility that migrates C source files from char* buffers to explicit length‑prefixed structures, updating all related function calls automatically.
- Handles bulk migrations across large repositories, preserving semantics while eliminating NUL‑termination bugs.
- Core Value: Enables safe, scalable migration to modern string representations with minimal manual effort.
Details
| Key | Value |
|---|---|
| Target Audience | Large C projects (e.g., OS kernels, embedded firmware) seeking to adopt counted strings |
| Core Feature | Bulk rewrite of char to {size_t len, char data} with automated API updates |
| Tech Stack | Rust, LLVM‑MLIR, CLI (cross‑platform) |
| Difficulty | High |
| Monetization | Hobby |
Notes
- Addresses the “hundreds of off‑by‑one … memory overwrites” frustration (jackbucks) by providing an automated fix.
- Positions the tool as a practical utility that could spark HN debate on the feasibility of modernizing C string handling at scale.
StringSafetyAnnotations
Summary
- Adds compiler‑level annotations (e.g., __nonnull_len) to C that enforce pointer non‑null and length constraints at compile time, reducing reliance on runtime checks.
- Integrates with clang to emit warnings for violations, enabling stronger static guarantees for string operations.
- Core Value: Provides language‑level safety without abandoning C’s low‑level control.
Details
| Key | Value |
|---|---|
| Target Audience | C/C++ developers focused on formal verification and memory safety |
| Core Feature | Annotations for non‑null pointers with associated length, checked by clang |
| Tech Stack | Clang extensions, CMake integration, documentation site |
| Difficulty | Medium |
| Monetization | Revenue-ready: Enterprise license $200/mo per seat |
Notes
- Echoes the sentiment “the zero terminated string is I think is computing’s biggest mistake” (mrlonglong) by offering a compile‑time alternative that removes the need for NUL terminators.
- Sparks discussion on extending C’s type system for safety, a frequent HN topic.