: Standard C++

Home » Blog » Categories »

« Prev Next »

CopperSpice: Concepts in C++20

By Ansel Sermersheim | Oct 11, 2020 12:10 PM | Tags: None

New video on the CopperSpice YouTube Channel:

Concepts in C++20

by Barbara Geller and Ansel Sermersheim

About the video:

In this video we look at the feature called Concepts which was added in C++20. We discuss some of the reasons concepts were added to the language, and why concepts as they were accepted are not like the original proposals they started with. We also provide an example of replacing SFINAE with concepts to produce cleaner and more readable code.

Please take a look and remember to subscribe!

Winning the race against TOCTOU vulnerabilities in C & C++ -- Ann G. Campbell

By ganncamp | Oct 11, 2020 12:07 PM | Tags: None

Researchers were surprised to find that their Time of Check to Time of Use (TOCTOU) attack succeeded 85% of the time, even when the critical operations were "separated only by a few milliseconds."

To better understand this vunlerability and what you can do, read:

Winning the race against TOCTOU vulnerabilities in C & C++

by G. Ann Campbell

From the article:

With TOCTOU, the idea is that there's a window of opportunity between when a privileged program checks a file (Does the file exist? Are permissions okay for what we're about to do? …) and when it operates on that file (Create the file. Write to the file. …). In that window, an attacker could replace the file with e.g. a symlink to `/etc/passwd`, and the operation you meant to perform on `/home/ann/tmp` happens to an important system file instead.

Broader coverage of C++ Core Guidelines & broken access control detection with SonarQube and SonarCl

By ganncamp | Oct 8, 2020 11:35 AM | Tags: None

SonarSource recently improved C++ analysis to provide even broader coverage of the C++ Core Guidelines and to add detection of broken access control vulnerabilities

C++ analyzer provides a broader coverage of the C++ Core Guidelines and detects broken access control security issues

By Alexandre Gigleux

From the article:

We’re proud to announce the following improvements to the C++ analyzer:

security rules detecting broken authentication and access control issues

broader coverage of the C++ Core Guidelines

Security Rules

We implemented 6 rules related to broken access control (incorrect permission assignments, privilege escalations, unprotected APIs …):

Range-v3: An Introduction to the Library [In Spanish] -- Daniel G Vergel

By Daniel G Vergel | Oct 8, 2020 11:30 AM | Tags: None

This series of posts provides a brief introduction to some of the most commonly used algorithms, views, and actions of the library. It is written entirely in Spanish, in part to mitigate the lack of educational materials on modern C++ currently available in my native language. Many of the codes are nevertheless self-explanatory, and I hope, may be of interest to a broader audience.

Ranges-v3: An Introduction to the Library

Range-v3: An Introduction to the Library

by Daniel G Vergel

About the series

As an Associate Professor at the European University (Madrid, Spain), I decided to integrate C++17/20 and the Range-v3 library into my teaching materials to build a more interesting and up-to-date syllabus for my courses. The adoption of a functional style of coding has helped me produce better and more expressive code, making my students' first approach to system programming easier.

Examples 1 (generate_n, group_by, sort, to) and 2 (filter)

Examples 3 (enumerate, shuffle, take, zip) and 4 (intersperse, tokenize)

Examples 5 (getlines, transform) and 6 (iota, set_difference, split_when)

Example 7 (stable_partition, subrange)

Example 8 (concat, drop, generate, take_while)

Examples 9 (cycle) and 10 (keys, values)

std::format in C++20--Peter Gottschling

By Adrien Hamelin | Oct 7, 2020 12:02 PM | Tags: c++20

More convenience for formatting.

std::format in C++20

by Peter Gottschling

From the article:

Today, I'm happy to present Peter Gottschling's guest post to the new formatting library in C++20: std::format. Thanks to std::format, text formatting becomes in C++20 as easy as in Python...

More Convenience Functions for Containers with C++20--Rainer Grimm

By Adrien Hamelin | Oct 7, 2020 11:39 AM | Tags: c++20

More convenience.

More Convenience Functions for Containers with C++20

by Rainer Grimm

From the article:

Removing elements from a container or asking if an associative container has a specific key, is too complicated. I should say was because with C++20 the story changes.

Announcing the closing keynote of Meeting C++ 2020!

By Meeting C++ | Oct 7, 2020 03:06 AM | Tags: meetingcpp community c++20

Finally I can announce the closing keynote of this years Meeting C++ conference!

Announcing the closing keynote of Meeting C++ 2020

by Jens Weller

From the article:

During September I was thinking about this years closing keynote. It would have been fine to leave it open, but its also the case that 2020 gives us opportunities and so I thought about who could be giving this years closing keynote.

Why it is important to apply static analysis for open libraries that you add to your project

By Andrey Karpov | Oct 2, 2020 01:48 PM | Tags: static code analysis static analysis open source code review code quality

If there are several options, it is useful to take time to analyze open libraries in order to choose the best one.

Why it is important to apply static analysis for open libraries that you add to your project

by Andrey Karpov

From the article:

Because of a typo, the original vector is returned, not the new scaledVector container. The same error occurs in the division operator. Facepalm. Again, these errors don't mean anything separately. Although, this is a hint that this library isn't used much and there is highly likely that there are other serious undetected errors in it.

False positives are our enemies, but may still be your friends -- Loic Joly

By ganncamp | Oct 2, 2020 10:44 AM | Tags: None

Insights into how static analysis rules are structured, why false positives exist, how they're fought, and why - hard as we try - they may always be with us.

False positives are our enemies, but may still be your friends

By Loic Joly

About the article:

When writing a rule for static analysis, it’s possible that in some cases, the rule does not give the results that were expected. Unfortunately, naming a false positive is often far easier than fixing it. In this post, I’ll discuss how the different types of rules give rise to different types of false positives, which ones are easier to fix than others, and how you can help. I’ll end with insight into how issues that are false positives can still be true indicators that the code needs to change.

"C++ Move Semantics - The Compete Guide" is Complete and in Print -- Nicolai Josuttis

By Nico Josuttis | Oct 2, 2020 10:37 AM | Tags: c++17 c++14 c++11 advanced

The book "C++ Move Semantics - The Complete Guide" is now done and out as ebook or printed.

C++ Move Semantics - The Complete Guide

by Nicolai Josuttis

About the book

On 260 pages (yes, it is that complicated if you want to deal with all the details), Nicolai Josuttis introduces and explains all aspects of C++ move semantics:

Intuitive motivation

Compelling examples

Tricky details

The book covers all aspects of move semantics:

From std::move() and rvalue references

Over reference qualifiers, invalid moved-from states, and value categories

Up to tricky details in generic code using std::forward(), universal/forwarding references, auto&&, and decltype(auto).

Additional chapters about move-only types and the support of move semantics in the C++ standard library help to understand and use standard types in practice.

See cppmove.com for a detailed list of all topics covered.