Deprecate setjmp/longjmp? [was Re: Maybe it's time to get rid of tcpwrappers/tcpd?]
fweimer at redhat.com
Mon Apr 28 08:24:29 UTC 2014
On 04/28/2014 09:52 AM, Nikos Mavrogiannopoulos wrote:
> setjmp and longjmp are tools, that one may use in a good or bad way.
> Along the same lines one could argue for dropping programs that use goto
> in Fedora (because everyone knows that goto is bad).
All compliant uses of setjmp/longjmp can be replaced with C++
exceptions. I'm sure such a change would be somewhat controversial.
> To the point, if a program uses setjmp and longjmp it is often that
> there was no other way to do it. You cannot for example have a
> co-routine/fiber implementation in C without setjmp() and longjmp().
I'm pretty sure it's one of the misuse scenarios. As specified, these
functions cannot be used for unrestricted stack switching. Performance
of setjmp/longjmp is also extremely poor because these functions save
and restore much more context than needed.
Florian Weimer / Red Hat Product Security Team
More information about the devel