

Ask HN: Would any code analysis tools have caught have caught heartbleed?  - macarthy12

If not, why not? Is this kind of issue something that a language feature could avoid?
======
cpeterso
This blog post demonstrates how OpenSSL's unsafe C code can be migrated to a
safe programming language called ATS (Applied Type System):

[http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-
bu...](http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bugs-with-
safe-languages.html)

------
pascal_cuoq
See
[http://blog.regehr.org/archives/1125](http://blog.regehr.org/archives/1125)
(Heartbleed and Static Analysis)

~~~
macarthy12
Looks like the FLOSS community needs to start exploring these kind of tools.

