Deprecate setjmp/longjmp? [was Re: Maybe it's time to get rid of tcpwrappers/tcpd?]

[Florian Weimer]

On 04/28/2014 09:52 AM, Nikos Mavrogiannopoulos wrote:

> setjmp and longjmp are tools, that one may use in a good or bad way.
> Along the same lines one could argue for dropping programs that use goto
> in Fedora (because everyone knows that goto is bad).

All compliant uses of setjmp/longjmp can be replaced with C++ 
exceptions.  I'm sure such a change would be somewhat controversial.

> To the point, if a program uses setjmp and longjmp it is often that
> there was no other way to do it. You cannot for example have a
> co-routine/fiber implementation in C without setjmp() and longjmp().

I'm pretty sure it's one of the misuse scenarios.  As specified, these 
functions cannot be used for unrestricted stack switching.  Performance 
of setjmp/longjmp is also extremely poor because these functions save 
and restore much more context than needed.

-- 
Florian Weimer / Red Hat Product Security Team