
A longstanding GnuTLS certificate validation botch

Posted Mar 7, 2014 20:37 UTC (Fri) by cesarb (subscriber, #6266)
In reply to: A longstanding GnuTLS certificate validation botch by hummassa
Parent article: A longstanding GnuTLS certificate validation botch

That's only if you are using exception specifications, which is AFAIK not recommended (except for C++0x's nothrow).

I think what nix meant is: if you are not very careful, you can write code which is not exception-safe. An exception thrown in the middle of that code will lead to inconsistent state. RAII helps a lot, but not everything can easily be expressed in RAII style.

And even if you are very careful, code can have bugs. Exception-safety bugs can be quite hard to see by just reading the code: you have to consider that every line of code within a function could throw an exception. Even apparently innocent code like "a = b + c;" can throw an exception, courtesy of operator overloading.

Contrast this with C, where only function calls can do nonlocal exits, and even then only in the presence of longjmp(). Most functions will not call longjmp() (and if you use it from a signal handler, you deserve to lose). In C, the code flow is much simpler: it's all explicit, and visible by looking at the function's body. Even gcc's cleanup extension does not change that.
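
The failure mode described in the comment above, as an added C++ example that is not part of the original thread: an overloaded `operator+` throws in the middle of a two-step update and leaves a half-applied state, next to a compute-then-commit version that does not. The `Amount`, `Ledger` and `transfer_*` names and the sample values are hypothetical.

```cpp
#include <limits>
#include <stdexcept>

// Hypothetical checked integer: arithmetic throws instead of wrapping,
// so an innocent-looking "a = b + c" is a hidden exit point.
struct Amount { unsigned v; };
Amount operator+(Amount a, Amount b) {
    if (b.v > std::numeric_limits<unsigned>::max() - a.v)
        throw std::overflow_error("overflow");
    return Amount{a.v + b.v};
}
Amount operator-(Amount a, Amount b) {
    if (b.v > a.v) throw std::underflow_error("underflow");
    return Amount{a.v - b.v};
}

struct Ledger { Amount from, to; };

// Not exception-safe: 'from' is already debited when the credit throws,
// so the caller's catch block sees a half-applied transfer.
void transfer_unsafe(Ledger& l, Amount n) {
    l.from = l.from - n;
    l.to = l.to + n;  // can throw after l.from changed
}

// Strong guarantee: everything that can throw runs on temporaries; the
// commit is plain assignment of a trivially copyable type.
void transfer_safe(Ledger& l, Amount n) {
    Amount new_from = l.from - n;
    Amount new_to = l.to + n;
    l.from = new_from;
    l.to = new_to;
}

// Runs one transfer that overflows 'to' (constructed sample values) and
// reports whether the ledger was left exactly as it started.
bool unchanged_after_failure(void (*transfer)(Ledger&, Amount)) {
    const unsigned max = std::numeric_limits<unsigned>::max();
    Ledger l{Amount{100}, Amount{max - 5}};
    try {
        transfer(l, Amount{10});
    } catch (const std::overflow_error&) {
    }
    return l.from.v == 100 && l.to.v == max - 5;
}

int main() {
    return (unchanged_after_failure(transfer_safe) &&
            !unchanged_after_failure(transfer_unsafe)) ? 0 : 1;
}
```

Both functions read as two ordinary assignments; only the order of the throwing operations relative to the writes differs, which is why this class of bug is hard to spot in review.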



A longstanding GnuTLS certificate validation botch

Posted Mar 8, 2014 23:15 UTC (Sat) by nix (subscriber, #2304)

Quite. I'm not saying it's impossible to make it work, obviously it isn't. It's just not at all easy, and it's not obvious when you got it wrong.

I like exceptions, but I'm wary of them in much the same way as I would be of a gun that has a habit of firing spontaneously and exploding when fired. :)

