Home » Blog » Categories »

January standards papers mailing available

By Blog Staff | Jan 21, 2013 11:46 AM | Tags: None

The between-meetings standards papers mailing is now available. It includes the spring meeting agenda, updated issues lists, and a number of new papers including at least one that came through the public std-proposals forum. (Update: Please also direct discussion about these papers to that forum.)

 

WG21 Number Title Author Document Date Mailing Date Previous Version Subgroup Disposition
SD-1 2013 PL22.16/WG21 document list Clark Nelson 2013-01-15 2013-01      
SD-2 ISO WG21 and INCITS PL22.16 membership list Clark Nelson 2013-01-11 2013-01      
SD-3 SC22/WG21 (C++) Study Group Organizational Information Herb Sutter 2012-10-04 2012-09      
SD-5 WG21 and PL22.16 (C++) Joint Mailing and Meeting Information Herb Sutter 2010-09-20 2012-09      
2013-01
N3493 Compile-time integer sequences Jonathan Wakely 2013-01-11 2013-01   Library Evolution  
N3494 A proposal to add special mathematical functions according to the ISO/IEC 80000-2:2009 standard Vincent Reverdy 2012-12-19 2013-01   Library Evolution  
N3495 inplace realloc Ariane van der Steldt 2012-12-07 2013-01   Library Evolution  
N3496 AGENDA, PL22.16 Meeting No. 60, WG21 Meeting No. 55, April 15-20, 2013 -- Bristol, UK Stephen D. Clamage 2013-01-02 2013-01      
N3497 Runtime-sized arrays with automatic storage duration (revision 4) Jens Maurer 2013-01-01 2013-01 N3467 Core  
N3498 Core Issue 1512: Pointer comparison vs qualification conversions (revision 2) Jens Maurer 2013-01-07 2013-01 N3478 Core  
N3499 Digit Separators Lawrence Crowl 2012-12-19 2013-01 N2281 Core  
N3500 New assert variants Olaf van der Spek 2012-11-28 2013-01   Library Evolution  
N3501 C++ Standard Core Language Active Issues, Revision 82 William M. Miller 2013-01-14 2013-01 N3480 Core  
N3502 C++ Standard Core Language Defect Reports and Accepted Issues, Revision 82 William M. Miller 2013-01-14 2013-01 N3481 Core  
N3503 C++ Standard Core Language Closed Issues, Revision 82 William M. Miller 2013-01-14 2013-01 N3482 Core  
N3505 Filesystem Library Proposal (Revision 4) Beman Dawes 2013-01-12 2013-01 N3399 Filesystem  
N3506 A printf-like Interface for the Streams Library Zhihao Yuan 2012-12-26 2013-01   Library Evolution  
N3507 A URI Library for C++ G. Matthews, D. Berris 2013-01-11 2013-01 N3484 Networking  
N3508 Any Library Proposal (Revision 2) B. Dawes, K. Henney 2013-01-11 2013-01 N3390 Library  
N3509 Operator Bool for Ranges Olaf van der Spek 2012-12-19 2013-01   Library Evolution  
N3510 std::split(): An algorithm for splitting strings Greg Miller 2013-01-10 2013-01 N3430 Library Evolution  
N3511 exchange() utility function Jeffrey Yasskin 2013-01-10 2013-01   Library Evolution  
N3512 string_ref: a non-owning reference to a string, revision 2 Jeffrey Yasskin 2013-01-11 2013-01 N3442 Library Evolution  
N3513 Range arguments for container constructors and methods, wording revision 2 Jeffrey Yasskin 2013-01-11 2013-01 N3456 Ranges  
N3514 A Proposal for the World's Dumbest Smart Pointer Walter Brown 2012-12-19 2013-01   Library Evolution  
N3515 Toward Opaque Typedefs for C++1Y Walter Brown 2013-01-11 2013-01   Evolution  
N3516 C++ Standard Library Active Issues List (Revision R81) Alisdair Meredith 2013-01-15 2013-01 N3473 Library  
N3517 C++ Standard Library Defect Report List (Revision R81) Alisdair Meredith 2013-01-15 2013-01 N3474 Library  
N3518 C++ Standard Library Closed Issues List (Revision R81) Alisdair Meredith 2013-01-15 2013-01 N3475 Library  
N3519 Feb 5, 2013 SG1 Teleconference Announcement and Agenda Hans Boehm 2013-01-11 2013-01   Concurrency  
N3520 Critical sections in vector loops Robert Geva 2013-01-11 2013-01   Concurrency  
N3521 convert() utility function Jeffrey Yasskin 2013-01-12 2013-01   Library Evolution  

 

Quick Q: How to use range-based for with std::map? -- StackOverflow

By Blog Staff | Jan 21, 2013 08:06 AM | Tags: basics

A common question from the SO archives:

C++11: How to use range-based for loop with std::map?

The common example for C++0x range-based for() loops is always something simple like this:

std::vector<int> numbers = { 1, 2, 3, 4, 5, 6, 7 };

for ( auto xyz : numbers )

{

     std::cout << xyz << std::endl;

}

In which case xyz is an int. But, what happens when we have something like a map? What is the type of the variable in this example:

std::map< foo, bar > testing = { /*...blah...*/ };

for ( auto abc : testing )

{

    std::cout << abc << std::endl;         // ? should this give a foo? a bar?

    std::cout << abc->first << std::endl;  // ? or is abc an iterator?

}

When the container being traversed is something simple, it looks like range-based for() loops will give us each item, not an iterator. Which is nice...if it was iterator, first thing we'd always have to do is to dereference it anyway.

 

But I'm confused as to what to expect when it comes to things like maps and multimaps.

C++11 Rocks: Visual Studio 2012 Edition -- Alex Korban

By Blog Staff | Jan 18, 2013 05:24 PM | Tags: intermediate basics

Alex Korban has written a nice e-book that covers the parts of C++11 available in Visual Studio, including documenting limitations and bugs while still focusing on how using the C++11 features makes code cleaner, safer, and faster into the bargain.

The Visual Studio 2012 edition is now in beta. See the table of contents for what's covered, and a free sample to check out the style.

C++11 Rocks: Visual Studio 2012 Edition

by Alex Korban

Highlights from the description:

Visual Studio 2012 gives you the opportunity to use C++11 features to make your code significantly cleaner and easier to read, and to improve performance as well.

But which features are there? Are they ready for use in production code? ... 

You can master the C++11 features in VS2012 with this book. It’s laser focused on C++11, Visual Studio 2012, and nothing else. You’ll quickly get in-depth knowledge of the stuff you need to know.

You’ll learn easily with tons of examples. I spent a lot of time researching and testing, and as a result the book details many C++11 bugs and cases of non-standard behavior in Visual Studio.

Continue reading...

HPX (High Performance ParalleX) 0.9.5 Released

By Eric Niebler | Jan 17, 2013 12:44 PM | Tags: intermediate advanced

The High Performance ParalleX (HPX) library has produced its 0.9.5 release. Here's a snippet about HPX from its release announcement.

HPX 0.9.5 Released

[...] HPX (High Performance ParalleX) is a general C++ runtime system for parallel and distributed applications of any scale. It is the first freely available, open source, feature-complete, modular, and performance oriented implementation of the ParalleX execution model. HPX is targeted at conventional architectures and, currently, Linux based systems, such as SMP nodes and conventional clusters. [...]

Continue reading...

C++ Training at All Levels -- Leor Zolman

By Blog Staff | Jan 16, 2013 05:54 PM | Tags: intermediate basics advanced

On-Site C++ Training at All Levels

by industry veteran Leor Zolman

 

Note: For a limited time, any 4- or 5-day training includes the C++11 Overview.

 

Our C++ and C seminars have been designed by some of the best-known, most effective C++ educators practicing today. In addition to materials created by Leor our C++ training repertoire features courses licensed from and supported by industry leaders Dan Saks and Stephen C. Dewhurst.

A Whirlwind Overview of C++11 (1/2-day, author: Leor Zolman)

Advanced C++  (Author: Stephen C. Dewhurst)

Effective C++ (3-, 4- and 5-day versions of courseware by Scott Meyers based on his books)

An Effective Introduction to the Standard Template Library (STL) (Author: Scott Meyers)

C++ for Non-C Programmers (Author: Leor Zolman)

C++ and Object-Oriented Programming (a.k.a. C++ for C Programmers). (Author: Dan Saks)

A sample unit of any course is available upon request.

Contact us today for more information or to schedule an on-site training at your location!

Announce: Third Annual European LLVM Conference

By Eric Niebler | Jan 16, 2013 01:03 PM | Tags: None

For many of our readers, LLVM and Clang will need no introduction. LLVM is a modular compiler toolchain, and Clang is an LLVM front-end for the C family of languages. They're both implemented in C++. Together, they're taking the C++ toolchain in new directions. Be a part of the action at this just-announced developer conference in April in Paris. (Does it get better?) From the announcement:

Announcements

We are pleased to announce the third European LLVM conference on April 29-30 2013 in Paris, France. This will be a two day conference which aims to present the latest developments in the LLVM world and help strengthen the network of LLVM developers. The format will be similar to that of the previous meetings held in London but with more time for presentations and networking. The meeting is open to anyone whether from business or academia, professional or enthusiast and is not restricted to those from Europe -- attendees from all regions are welcome.

This meeting is about 8 days after the ISO C++ standardization meeting in Bristol, UK. Twofer, anyone? The full announcement gives all the details.

Continue reading...

Are the Java vulnerabilities actually C and C++ vulnerabilities?

By H Sutter | Jan 15, 2013 01:40 PM | Tags: None

You've probably seen the headlines:

[US-CERT] Java in Web Browser: Disable Now!

We've been telling people to disable Java for years. ... We have confirmed that VU#625617 can be used to reliably execute code on Windows, OS X, and Linux platforms. And the exploit code for the vulnerability is publicly available and already incorporated into exploit kits. This should be enough motivation for you to turn Java off.

Firefox and Apple have blocked Java while U.S. Homeland Security recommends everyone disable it, because of vulnerabilities

Homeland Security still advises disabling Java, even after update

Some people have asked whether last week's and similar recent Java vulnerabilities are actually C or C++ vulnerabilities -- because, like virtually all modern systems software, Java is implemented in C and C++.

The answer is no, these particular exploits are pure Java. Some other exploits have indeed used vulnerabilities in Java's native C code implementation, but the major vulnerabilities in the news lately are in Java itself, and they enable portable exploits on any operating system with a single program. Note that this isn't to single out Java; other managed code environments have had similar vulnerabilities reported as well.

Today CERT posted an analysis of the current Java vulnerabilities, written by our own ISO C++ committee member David Svoboda:

Anatomy of Java Exploits

by David Svoboda

Java was exploited recently and last August. The August exploit was patched by Oracle on August 30; this most recent exploit now also has a patch available. Strictly speaking, the vulnerabilities that permitted both exploits are independent; the current exploit attacked code that was unused by the August exploit. Nevertheless, these vulnerabilities were quite similar. This blog post examines the vulnerabilities that permitted Java to be exploited in each case, using the proof-of-concept code exploits that have been published for them in January 2013 and August 2012.

The article demonstrates and comments on how security issues are common to all modern languages. From the conclusion:

While many previous Java vulnerabilities were actually vulnerabilities in the C code of a particular Java implementation, these exploits ran with pure Java -- no underlying C/C++ vulnerability was involved.

This doesn't mean Java is a horrible language any more than vulnerabilities in C and C++ make those horrible languages. Rather, it emphasizes that security is hard in any language or environment, and pretending otherwise is never helpful. For example, CERT publishes secure coding guidlines for various languages (the Java book coauthored by the author of the blog post above, David Svoboda):

And as Svoboda's CERT blog post today noted, many of today's popular attacks aren't language-specific, and:

... injection attacks, such as SQL injection, cross-site scripting (XSS), and command injection, occur in all languages that permit string manipulation.

Just like it isn't enough to think that using C++, which advertises an emphasis on performance, by itself means your code will be fast, it isn't enough to think that using a language that advertises an emphasis on safety means your code will be secure. As Robert Seacord, author or coauthor of both books above, said in email yesterday:

"The fact is that you need to understand the problems in whatever language you are using and diligently apply secure coding practices and principles if you want to have any hope of developing secure systems."

That's a lesson we can all benefit from, no matter which modern mainstream language we use.

POCO 1.4.6 released, 1.5.1 development release now available

By Blog Staff | Jan 14, 2013 04:41 PM | Tags: None

POCO versions 1.4.6 (stable) and 1.5.1 (development preview) are now available. Version 1.5.1 is a preview of the next major stable 1.6.0 release planned for this spring.

Here is the short note in its entirely. The links take to you the original announcement.

Releases 1.4.6 and 1.5.1 Available

Stable release 1.4.6 brings some bugfixes and minor enhancements. See the CHANGELOG for the details. This is planned to be the last release in the 1.4 series.

Development release 1.5.1 is a major step towards the next stable 1.6.0 release planned for this spring. See the CHANGELOG for what’s new.

Get the source code from the download page or directly from GitHub.