Bugtraq mailing list archives
Re: ncurses 4.1 security bug
From: ben () ALGROUP CO UK (Ben Laurie)
Date: Sat, 11 Jul 1998 11:56:41 +0100
David Schwartz wrote:
In C++ _you cant_ C++ global object constructors are called in pretty much arbitary order before main() is entererd. Its an interesting reason not to write setuid apps in C++ 8)Constructing global objects is bad anyway for a variety of reasons and tends to cause subtle bugs since the order is indeterminate. For example, if a class initializes global objects for its own tracking and you create an instance of the class globally, you have no way to know whether the class is internally ready to function or not. In general, you have no way to know if a class relies upon global initialization. Imagine if you do, globally, 'MyString foo("test");' but unknown to you, 'MyString.h' has: class MyString { private: static int StringCount; ... public: MyString(const char *f) { StringCount++; ... } }; and 'MyString.cpp' has: int MyString::StringCount=0; Constructing an instance of such a class globally is suicide. It's far better to use global _pointers_ and initialize them with calls to 'new' from your 'main' function. Constructing 'complex' global objects is a losing proposition to begin with. And, in general, almost every global variable can be eliminated by clean coding.
Why is C++ bashing so popular? Why can't people get it right? According to Stroustrup, The C++ Programming Language, 3rd ed., section 9.4.1 Initialization of Nonlocal Variables, p.218 (in the 3rd printing): "Note that variables initialized by constant expressions cannot depend on the value of objects from other translation units and do not[1] require run-time initialization. Such variables are therefore safe to use in all cases." [1] The word "not" was missing until the 6th printing (see the errata). And if that doesn't make you happy, Stroustrup also provides a way to make the initilisation happen at the right moment, by using a function that returns a reference to a local static. OTOH, I agree that global constructors should be avoided where possible. Cheers, Ben. -- Ben Laurie |Phone: +44 (181) 735 0686| Apache Group member Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org/ and Technical Director|Email: ben () algroup co uk | A.L. Digital Ltd, |Apache-SSL author http://www.apache-ssl.org/ London, England. |"Apache: TDG" http://www.ora.com/catalog/apache/ WE'RE RECRUITING! http://www.aldigital.co.uk/recruit/
Current thread:
- Re: Forwared to me, (continued)
- Re: Forwared to me Michael H. Warfield (Jul 13)
- Re: Forwared to me Jason Downs (Jul 13)
- Re: Forwared to me Illuminatus Primus (Jul 13)
- Netware 4.x Attack Tool Announcement Simple Nomad (Jul 13)
- Re: ncurses 4.1 security bug Casper Dik (Jul 09)
- Re: ncurses 4.1 security bug Pavel Kankovsky (Jul 09)
- Re: ncurses 4.1 security bug Matt Evans (Jul 09)
- Re: ncurses 4.1 security bug Warner Losh (Jul 10)
- inetd can leak file descriptors +FIX Jeff Forys (Jul 14)
- Re: ncurses 4.1 security bug Alexander Kjeldaas (Jul 15)
- Re: ncurses 4.1 security bug Warner Losh (Jul 10)
- Re: ncurses 4.1 security bug Ben Laurie (Jul 11)
- Re: ncurses 4.1 security bug David Schwartz (Jul 11)
- Re: ncurses 4.1 security bug Geoffrey KEATING (Jul 14)
- Re: ncurses 4.1 security bug Ben Laurie (Jul 11)
- Re: ncurses 4.1 security bug David Schwartz (Jul 11)
- Re: ncurses 4.1 security bug Ben Laurie (Jul 12)