Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Saferish strings in Haskell APIs

Thomas Sutton
January 22, 2013
Programming
0
56

Saferish strings in Haskell APIs

An introduction safer-ish strings in Haskell library APIs using OverloadedStrings and rewrite rules.

This was presented at the Open Programming Miniconf at linux.conf.au 2013.

Thomas Sutton

January 22, 2013
Tweet

More Decks by Thomas Sutton

See All by Thomas Sutton
Dynamic Programming in Haskell
thsutton
5
1.9k
Retcon: Imposing eventual consistency on disparate data sources
thsutton
3
730
A complete idiot's introduction to Formal Concept Analysis for dummies to teach themselves
thsutton
1
600
Addressing Injection Attacks in Languages and Libraries
thsutton
0
41
Git and Drush: Best Friends Forever
thsutton
0
82

Other Decks in Programming

See All in Programming
OnlineTestConf: Test Automation Friend or Foe
maaretp
0
110
ヤプリ新卒SREの オンボーディング
masaki12
0
130
Arm移行タイムアタック
qnighy
0
330
flutterkaigi_2024.pdf
kyoheig3
0
150
ActiveSupport::Notifications supporting instrumentation of Rails apps with OpenTelemetry
ymtdzzz
1
240
CSC509 Lecture 13
javiergs
PRO
0
110
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
1
100
ふかぼれ!CSSセレクターモジュール / Fukabore! CSS Selectors Module
petamoriken
0
150
タクシーアプリ『GO』のリアルタイムデータ分析基盤における機械学習サービスの活用
mot_techtalk
4
1.4k
What’s New in Compose Multiplatform - A Live Tour (droidcon London 2024)
zsmb
1
480
[Do iOS '24] Ship your app on a Friday...and enjoy your weekend!
polpielladev
0
110
Flutterを言い訳にしない!アプリの使い心地改善テクニック5選🔥
kno3a87
1
190

Featured

See All Featured
Unsuck your backbone
ammeep
668
57k
Building Adaptive Systems
keathley
38
2.3k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
109
49k
Six Lessons from altMBA
skipperchong
27
3.5k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.9k
Designing the Hi-DPI Web
ddemaree
280
34k
Agile that works and the tools we love
rasmusluckow
327
21k
Designing for Performance
lara
604
68k
Imperfection Machines: The Place of Print at Facebook
scottboms
265
13k

Transcript

  1. Safe strings in Haskell APIs

  2. Safe Safer strings in Haskell APIs

  3. Safe Safer Saferish strings in Haskell APIs

  4. Haskell • Purely functional • But pragmatically practical • Strongly

    typed • Pretty safe

  5. Strings

  6. OverloadedStrings • Added to GHC 6.8.1 • Allows string literal

    syntax to be used for other data types.

  7. OverloadedStrings

  8. OverloadedStrings

  9. So what? • Use custom datatypes instead of String at

    API boundaries. • If SQL commands aren’t strings, no string concatenation and less risk of injection vulnerabilities!

  10. mysql-simple • Database access library for MySQL written by Bryan

    O'Sullivan. • Uses this pattern to pass query text to the API.

  11. mysql-simple

  12. mysql-simple

  13. mysql-simple

  14. mysql-simple

  15. No concatenation

  16. No concatenation

  17. BUT! • All of the code which makes this work

    is public and you can import it. • So you (and any other developer) can circumvent this safety pretty trivially.
  18. None
  19. None

  20. So what do we want?

  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None

  31. How does this magic work? • Through the magic of

    compiler rules! • Allow library authors to specify rewrite rules to be applied during compilation. • Used for fusion and other optimisation techniques for data structure libraries. (text is very, very fast).

  32. String “Literals” • GHC generates a packed C-style string in

    the executable. • Code like this: ! • compiles to something like this:

  33. So rewrite this code!

  34. By default, it’s unsafe... It turns out that RULES do

    type inference. So we can write a RULE which replaces our fromStrings with out fromStringUnsafe.

  35. Unsafe calls

  36. Safe calls • The only safe calls are the ones

    which use static values!

  37. Identify and replace safe calls • Recall RULES use type

    inference. • And that the only safe calls are ones with static values. • And that static values have a specific type. • And are processed (before our code) with runtime support functions.

  38. Replace safe “unsafe” calls with “safe”

  39. None
  40. None
  41. None
  42. None
  43. None
  44. None

  45. Does it work?

  46. None
  47. None
  48. None
  49. None
  50. None
  51. None
  52. None
  53. None
  54. None
  55. None
  56. None
  57. None

  58. What’s next? • Make it less fragile. (Needs NOINLINE pragmas

    and is sensitive to optimisation). • Make the error compile time. (But it needs to be typesafe to work. #lolwut) • Probably much better and easier to write a GHC plugin.