ISO IEC TR 24772-2:2020(E)
Programming languages – Guidance to avoiding vulnerabilities in programming languages
Ada uses a strong type system based on name equivalence rules. It distinguishes types, which embody statically checkable equivalence rules, and subtypes, which associate dynamic properties with types, for example, index ranges for array subtypes or value ranges for numeric subtypes. Subtypes are not types, and their values are implicitly convertible to all other subtypes of the same type. All subtype and type conversions ensure by static or dynamic checks that the converted value is within the value range of the target type or subtype. If a static check fails, then the program is rejected by the compiler. If a dynamic check fails, then the exception Constraint_Error is raised.
To effect a transition of a value from one type to another, three kinds of conversions can be applied in Ada.
a) Implicit conversions: there are few situations in Ada that allow for implicit conversions. An example is the assignment of a value of a type to a polymorphic variable of an encompassing class. In all cases where implicit conversions are permitted, neither static nor dynamic type safety or application type semantics (see below) are endangered by the conversion.
b) Explicit conversions: various explicit conversions between related types are allowed in Ada. All such conversions ensure by static or dynamic rules that the converted value is a valid value of the target type. Violations of subtype properties cause an exception to be raised by the conversion.
c) Unchecked conversions: conversions obtained by instantiating the generic function Ada.Unchecked_Conversion are unsafe and enable all vulnerabilities mentioned in 6.3 that result from a breach of a strong type system. Unchecked_Conversion is occasionally needed to interface with type-less data structures, for example, hardware registers.
A guiding principle in Ada is that, with the exception of using instances of Unchecked_Conversion, no undefined semantics can arise from conversions, and the converted value is a valid value of the target type.
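As an added example (not text or code from the TR), the following Ada program walks through the three kinds of conversion described above: an implicit subtype-to-subtype assignment that passes its range check and one that raises Constraint_Error, an explicit conversion between two distinct integer types with the same representation, and an instance of Ada.Unchecked_Conversion that manufactures an invalid enumeration value without any check firing. All type and object names (Metres, Seconds, Short_Distance, Long_Distance, Colour, Byte, To_Colour) are invented for the illustration. It also uses the 'Valid attribute, which the TR text above does not mention, as the standard way to detect an invalid scalar value after an unchecked conversion before the value is used.

```ada
with Ada.Text_IO;            use Ada.Text_IO;
with Ada.Unchecked_Conversion;

--  Illustration only: names and values are invented for this example.
procedure Conversions_Demo is

   --  Two distinct types with the same representation. Name equivalence
   --  means a Metres value is never a Seconds value without an explicit
   --  conversion, even though both are 32-bit signed integers.
   type Metres  is range -2**31 .. 2**31 - 1;
   type Seconds is range -2**31 .. 2**31 - 1;

   --  Subtypes of Metres: the same type with narrower dynamic ranges.
   subtype Short_Distance is Metres range 0 .. 100;
   subtype Long_Distance  is Metres range 0 .. 1_000_000;

   --  A constrained enumeration used to show what Unchecked_Conversion
   --  can produce: only the bit patterns 0, 1 and 2 are valid Colours.
   type Colour is (Red, Green, Blue);
   for Colour use (Red => 0, Green => 1, Blue => 2);
   for Colour'Size use 8;

   type Byte is mod 2**8;
   for Byte'Size use 8;

   --  Source and target have the same size, so the bits are copied as-is.
   function To_Colour is new Ada.Unchecked_Conversion (Source => Byte,
                                                       Target => Colour);

   S : Short_Distance;
   L : Long_Distance := 500;
   M : Metres;
   T : Seconds;
   C : Colour;
begin
   --  (a) Implicit conversion between subtypes of one type: no conversion
   --  is written, but the range check on the target subtype still runs.
   M := L;          --  always fine: Metres has the widest range
   begin
      S := L;       --  500 is not in 0 .. 100: Constraint_Error
      Put_Line ("unreachable");
   exception
      when Constraint_Error =>
         Put_Line ("S := L raised Constraint_Error (500 not in 0 .. 100)");
   end;

   --  (b) Explicit conversion between distinct related types. Writing
   --  T := M instead is rejected by the compiler (static type check).
   T := Seconds (M);
   Put_Line ("T =" & Seconds'Image (T));

   --  An explicit conversion whose target range is violated raises
   --  Constraint_Error: the target's range is checked, not only its type.
   begin
      S := Short_Distance (Metres (L) + 1);
   exception
      when Constraint_Error =>
         Put_Line ("Short_Distance (501) raised Constraint_Error");
   end;

   --  (c) Unchecked_Conversion: bit pattern 7 has no Colour meaning, yet
   --  no check fires and C now holds an invalid value. Evaluating it
   --  (Colour'Image (C), a case statement on C) is a bounded error, so
   --  the value is tested with 'Valid before any use.
   C := To_Colour (7);
   if not C'Valid then
      Put_Line ("To_Colour (7) produced an invalid Colour; rejecting it");
   end if;

   --  A well-formed pattern converts into a valid value as expected.
   C := To_Colour (2);
   if C'Valid then
      Put_Line ("To_Colour (2) = " & Colour'Image (C));
   end if;
end Conversions_Demo;
```

Build and run it with any Ada 2005 or later compiler (for example `gnatmake conversions_demo.adb`). The program prints the two Constraint_Error messages, `T = 500`, the rejection of the invalid Colour and finally `BLUE`; the compiler may additionally warn at compile time that `S := L` will raise Constraint_Error, which is the static side of the same check. The point of part (c) is that the unchecked conversion succeeds silently: only the explicit 'Valid test stands between the caller and an invalid value flowing into later code.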