September 2019

Quick Q: Removing item from vector, while in C++11 range 'for' loop?

Quick A: it is not possible

Recently on SO:

Removing item from vector, while in C++11 range 'for' loop?

No, you can't. Range-based for is for when you need to access each element of a container once.

You should use the normal for loop or one of its cousins if you need to modify the container as you go along, access an element more than once, or otherwise iterate in a non-linear fashion through the container.

For example:

auto i = std::begin(inv);

while (i != std::end(inv)) {
    // Do some stuff
    if (blah)
        i = inv.erase(i);
    else
        ++i;
}

CppCon 2018: Spectre: Secrets, Side-Channels, Sandboxes, and Security--Chandler Carruth

We’re in the final countdown to this year’s CppCon, which starts on September 16. To whet your appetite for this year’s conference, here’s another of the top-rated talks from last year. Enjoy – and register today for CppCon 2019!

Spectre: Secrets, Side-Channels, Sandboxes, and Security

by Chandler Carruth

Summary of the talk:

The discovery of speculative execution side-channel attacks (called "Spectre") fundamentally changes the security model of every modern superscalar microprocessor. Extracting secret data (credit cards, cryptographic keys) through side-channels is not new and has challenged the cryptographic community for decades. Despite this, the industry has often been complacent in our response, viewing these attacks as impacting a tiny amount of code and being nearly impossible to weaponize. But speculative execution attack techniques have fundamentally altered the ease and applicability of side-channels, making them a serious threat to computer security. Responding to these issues has impacted CPU design, compiler design, library design, sandbox techniques and even the C++ programming language and standard.

This talk will explain how these kinds of attacks work at a high level and provide a clear set of terminology to describe these classes of vulnerabilities and attacks. It will show how the different variants work at the low level of modern hardware to give a detailed and precise understanding of the mechanics involved on CPUs today.

It will also provide guidance about what makes applications and services vulnerable and how to analyze your software to understand the degree of its exposure. It will include an overview of the numerous different mitigation techniques available, how to deploy them, and what tradeoffs come with them. Some of these mitigations will be covered in detail: how they work at a hardware level, where they don't work, and what attack vectors remain.

Finally, the talk will show how traditional side-channel risks are made substantially easier to exploit due to speculative execution. This will cover how cryptographic and other libraries dealing in high-value secrets need to be adapted to correctly defend against these attacks. Further, it will introduce general problems of sandboxing untrusted code from secret data and the current best techniques in those circumstances.

This talk will be accessible to most C and C++ programmers. No deep background on CPUs, assembly, hardware instructions, Spectre, side-channels, or security is needed.

Quick Q: How do C++ class members get initialized if I don't do it explicitly?

Quick A: default constructors are called if available, otherwise there is no initialisation.

Recently on SO:

How do C++ class members get initialized if I don't do it explicitly?

In lieu of explicit initialization, initialization of members in classes works identically to initialization of local variables in functions.

For objects, their default constructor is called. For example, for std::string, the default constructor sets it to an empty string. If the object's class does not have a default constructor, it will be a compile error if you do not explicitly initialize it.

For primitive types (pointers, ints, etc), they are not initialized -- they contain whatever arbitrary junk happened to be at that memory location previously.

For references (e.g. std::string&), it is illegal not to initialize them, and your compiler will complain and refuse to compile such code. References must always be initialized.

So, in your specific case, if they are not explicitly initialized:

    int *ptr;  // Contains junk
    string name;  // Empty string
    string *pname;  // Contains junk
    string &rname;  // Compile error
    const string &crname;  // Compile error
    int age;  // Contains junk

PVS-Studio 7.04

PVS-Studio is a tool designed to detect errors and potential vulnerabilities in the source code of programs, written in C, C++, C#, Java. It works in Windows, Linux, and macOS environment.

PVS-Studio 7.04

by Svyatoslav Razmyslov

From the article:

When working on a task developers take code from so many various places. A popular source of Copy-Paste code is the Stackoverflow website and similar ones. There are cases when a developer takes the code from an open source project and doesn't check license requirements. Thus, a closed source project may accidentally get a few files from an open source project with a Copyleft license, which obliges to make the entire project code open source. In companies with a large number of employees, it's difficult to keep track of this, whereas such actions might cause adverse risks and problems. So, PVS-Studio now has a diagnostic, which will help to find such files. It relates to all supported languages (C, C++, C#, Java). The diagnostic is looking for the following "virus" licenses: AGPL-3.0, GPL-2.0, GPL-3.0, LGPL-3.0.

fixing c++ with epochs -- Vittorio Romeo

This article proposes a mechanism to allow seemingly backwards-incompatible changes to C++'s syntax while actually maintaining backwards compatibility, leveraging the isolation of upcoming module units. The idea is similar to Rust's "Editions" mechanism. The post explains how the feature would work and how C++ would benefit from it.

fixing c++ with epochs

by Vittorio Romeo

From the article:

Imagine that you have been designing a programming language for over 30 years and that it gradually became widely used across the globe. Some of the decisions you made at the beginning were excellent and contributed to the success of your project. Some others, however, were not the best: over the years you and your users realized that the world would have been a better place if those choices you made eons ago were slightly different. [...]

What if I told you that I could fix all of your problems? Even better, what if I told you that backward-compatibility will never be broken and that migration to newer versions of your language could be automated?

CppCon 2018: Applied Best Practices--Jason Turner

We’re in the final countdown to this year’s CppCon, which starts on September 16. To whet your appetite for this year’s conference, here’s another of the top-rated talks from last year. Enjoy – and register today for CppCon 2019!

Applied Best Practices

by Jason Turner

Summary of the talk:

What happens when we start a project from scratch and try to apply all of the best practices? How well do constexpr, noexcept, [[nodiscard]] and other features interact with each other? Is it possible to apply all of the best practices at once, or will they conflict with each other? We will explore current best practices and examine their impact on compile time, runtime and testing. We'll also see some of the unexpected effects that result when best practices are applied to a new project.