Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Saferish strings in Haskell APIs

Thomas Sutton
January 22, 2013
Programming
0
50

Saferish strings in Haskell APIs

An introduction safer-ish strings in Haskell library APIs using OverloadedStrings and rewrite rules.

This was presented at the Open Programming Miniconf at linux.conf.au 2013.

Thomas Sutton

January 22, 2013
Tweet

More Decks by Thomas Sutton

See All by Thomas Sutton
Dynamic Programming in Haskell
thsutton
5
1.7k
Retcon: Imposing eventual consistency on disparate data sources
thsutton
3
710
A complete idiot's introduction to Formal Concept Analysis for dummies to teach themselves
thsutton
1
540
Addressing Injection Attacks in Languages and Libraries
thsutton
0
35
Git and Drush: Best Friends Forever
thsutton
0
69

Other Decks in Programming

See All in Programming
FigmaとPHPで作る1ミリたりとも表示崩れしない最強の帳票印刷ソリューション
ttskch
43
19k
SIMD Parallel Programming with the Vector API
josepaumard
0
200
try! Swift Tokyo 初参加報告LT
hinakko2
0
220
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
190
コーンフレークから始める モデリング会話入門
ogurotakayuki
0
380
検証も兼ねて個人開発でHonoとかと向き合った話
hanetsuki
1
1.2k
デフォルトにして至高、RubyMineの大好きな所
ruzia
0
470
R言語の環境構築と基礎 Tokyo.R 112
bob3bob3
0
270
Micro Frontends for Java Microservices - Devnexus 2024
mraible
PRO
0
500
使ってみよう Azure AI Document Intelligence
kosmosebi
2
330
GitHub Actionsで泣かないためにやっておきたい設定 / Recommended GHA settings to avoid crying
pinkumohikan
3
540
エンターテイメント業界で利用されるAWS
demuyan
0
210

Featured

See All Featured
Documentation Writing (for coders)
carmenintech
60
3.9k
How GitHub Uses GitHub to Build GitHub
holman
468
290k
Designing the Hi-DPI Web
ddemaree
276
33k
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
Docker and Python
trallard
34
2.7k
Build The Right Thing And Hit Your Dates
maggiecrowley
24
2k
Fireside Chat
paigeccino
21
2.6k
Being A Developer After 40
akosma
61
580k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
Gamification - CAS2011
davidbonilla
76
4.6k
A better future with KSS
kneath
231
16k
Happy Clients
brianwarren
92
6.4k

Transcript

  1. Safe strings in Haskell APIs

  2. Safe Safer strings in Haskell APIs

  3. Safe Safer Saferish strings in Haskell APIs

  4. Haskell • Purely functional • But pragmatically practical • Strongly

    typed • Pretty safe

  5. Strings

  6. OverloadedStrings • Added to GHC 6.8.1 • Allows string literal

    syntax to be used for other data types.

  7. OverloadedStrings

  8. OverloadedStrings

  9. So what? • Use custom datatypes instead of String at

    API boundaries. • If SQL commands aren’t strings, no string concatenation and less risk of injection vulnerabilities!

  10. mysql-simple • Database access library for MySQL written by Bryan

    O'Sullivan. • Uses this pattern to pass query text to the API.

  11. mysql-simple

  12. mysql-simple

  13. mysql-simple

  14. mysql-simple

  15. No concatenation

  16. No concatenation

  17. BUT! • All of the code which makes this work

    is public and you can import it. • So you (and any other developer) can circumvent this safety pretty trivially.
  18. None
  19. None

  20. So what do we want?

  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None

  31. How does this magic work? • Through the magic of

    compiler rules! • Allow library authors to specify rewrite rules to be applied during compilation. • Used for fusion and other optimisation techniques for data structure libraries. (text is very, very fast).

  32. String “Literals” • GHC generates a packed C-style string in

    the executable. • Code like this: ! • compiles to something like this:

  33. So rewrite this code!

  34. By default, it’s unsafe... It turns out that RULES do

    type inference. So we can write a RULE which replaces our fromStrings with out fromStringUnsafe.

  35. Unsafe calls

  36. Safe calls • The only safe calls are the ones

    which use static values!

  37. Identify and replace safe calls • Recall RULES use type

    inference. • And that the only safe calls are ones with static values. • And that static values have a specific type. • And are processed (before our code) with runtime support functions.

  38. Replace safe “unsafe” calls with “safe”

  39. None
  40. None
  41. None
  42. None
  43. None
  44. None

  45. Does it work?

  46. None
  47. None
  48. None
  49. None
  50. None
  51. None
  52. None
  53. None
  54. None
  55. None
  56. None
  57. None

  58. What’s next? • Make it less fragile. (Needs NOINLINE pragmas

    and is sensitive to optimisation). • Make the error compile time. (But it needs to be typesafe to work. #lolwut) • Probably much better and easier to write a GHC plugin.