ansaurus

Question

What is the most dangerous feature of C++?

Answer 1

+1 A:

Its implementation of exception handling is an easy inroad for memory leaks.

eduffy 2009-07-07 17:58:55

How so? Are you thinking of the case of exceptions thrown by pointer instead of reference?

Steven Sudit 2009-07-07 18:16:22

With proper RAII, this isn't an issue, i think

Johannes Schaub - litb 2009-07-07 18:18:41

Disagree. I see no reason for memory to be leaked with exceptions. The standard is very clear in how the exception is propogated.

Martin York 2009-07-07 18:25:11

Answer 2

+6 A:

delete [] array;

can sometimes become

delete array;

in the hands of someone who doesn't know. Tracking that bug down can suck horribly, and doesn't happen when you're doing malloc and free.

mmr 2009-07-07 18:00:07

As you probably know, why it doesn't happen with malloc and free is because it doesn't make a distinction between an array or a single item.

Skurmedel 2009-07-07 18:09:51

Exactly. So I got rid of the 'seem to' clause there; I was being cautious because it's been so long since I've used C...

mmr 2009-07-07 18:21:39

Hehe same here :)

Skurmedel 2009-07-07 19:21:00

Answer 3

+6 A:

buffer overflows have to be the most dangerous things in both c and c++. This is also the reason that Microsoft announced that they have added memcpy() to their list of banned functions

multiple inheritance is another

SQLMenace 2009-07-07 18:00:35

Most dangerous thing of any language without overrun protection.

Skurmedel 2009-07-07 18:04:57

Answer 4

+1 A:

Probably the most dangerous aspect of C++ that doesn't exist in C is the ability to override operators for complex types. It can be very easy to make subtraction addition (and vice versa), for example.

It's stupid that anyone would do that, but it can be done. Making it dangerous.

Randolpho 2009-07-07 18:00:53

Answer 5

+1 A:

The virtual destructor requirement is easy for new comers to miss (although I think most compilers are smart enough to point this one out).

eduffy 2009-07-07 18:01:22

What virtual destructor requirement?

Magnus Skog 2009-07-07 18:05:04

@Magnus: If you destroy an object via a pointer to its base (or any ancestor), then if the destructor is not virtual the incorrect destructor will be called. Thus classes that are designed to be overridden should probably have a virtual destructor.

Martin York 2009-07-07 18:27:11

Answer 6

+3 A:

Operator overloading. Very easy to make things difficult to understand what's going on. It's easy to overlook the fact that an overload is going on, even for experienced C++ developers.

Jared Oberhaus 2009-07-07 18:01:27

Overloaded operators have their place. I wouldn't say the feature is inherently bad--it can be quite useful. It's when people start defining them to do things counter-intuitively that the difficulties emerge. Overloaded operators, when used properly, can make code simpler and cleaner.

Jeff L 2009-07-07 18:09:33

Answer 7

A:

If you're going to compare the safety of C++ versus C, then you've missed the point of that phrase. C++ is arguably no safer than C.

Where the comparison can really be made is with a language such as Java. Essentially, Java handles your memory for you, so you won't end up with undefined behavior when calling memory outside of the memory your program is currently using (going out of bounds on arrays, etc.).

To address your question though, the worst thing that's happened to me was a buffer overflow to override my own password (I did it purposefully, however).

AlbertoPL 2009-07-07 18:01:50

Very true. The most dangerous aspects of C++ are actually holdovers from C. There are a few features in C++ that don't exist in C (like operator overloading); I believe the question is asking about those.

Randolpho 2009-07-07 18:05:02

In fact the static type checking can be enforced more strictly in C++ than in C, I think (the typedefs are in the end something like "anything goes")

fortran 2009-07-07 18:07:30

C++ gives you the choice, you can use checked array bounds if you want - but you don't have to (and pay the performance penalty) if you don't need to

Martin Beckett 2009-07-07 18:14:48

C++ is certainly safer than C in the sense that it gives you the tools to avoid pitfalls such as out of bounds memory accesses.

jalf 2009-07-07 20:52:00

Answer 8

A:

I've always wondered about that quote. I can't think of any way in which C++ is more dangerous than C.

In any case, I have to say the most dangerous "feature" is that there is nothing to stop you from accessing unallocated memory. It is an error that is almost impossible to debug, causes all sorts of random behavior, from crashes to nothing at all to just weird behavior.

jalf 2009-07-07 18:04:00

Answer 9

+2 A:

I passed this to a helper function in another object from a constructor. The helper function added the pointer to a list of objects it was maintaining. Of course, after the constructor finished and returned, the object was located in a very different location in memory and the pointer stored in the other object was no longer valid. Yikes!

Nick Lewis 2009-07-07 18:04:38

Is that true? :-|

fortran 2009-07-07 18:08:06

It's never safe to leak "this" out of a constructor. Particularly not in a multi-threaded environment, in which case the object may be partially constructed or only partially visible.. Objects cannot be assumed to be fully constructed until after the constructor has returned (this is also true of Java and C#).

Nick Lewis 2009-07-07 18:10:24

Sounds like you have had a bug.

Artem Barger 2009-07-07 18:11:17

True passing a 'this' of a partially constructed object can be dangerious, but I have never considered (nor currently believe) that the object will be moved during construction. That would have too many implications on member variables that have already been constructed (As part of the address change the members would need to be copy constructed to new locations [simply byte copy is not suffecient in C++]).

Martin York 2009-07-07 18:31:49

I don't know for certain that the object was moved, only that the 'this' pointer referred to a different location after the constructor had returned. The pointer I passed and stored referred to a very low memory address, and after returning from the constructor, 'this' referred to a much more ordinary location. This from the VS debugger. In any case, it failed when we tried to call a method with it! I may explore this more thoroughly.. At the time, we just raised our eyebrows, fixed it, and moved on.

Nick Lewis 2009-07-07 18:55:04

With multiple inheritance, the address in "this" depends on what class you're currently in. So maybe the call was implicitly casting around a hierarchy, and the conversion used a hidden value that hadn't been initialised?

Steve Jessop 2009-07-07 19:48:22

@Nick - this sounds like a potentially interesting problem. Consider posting it as a question here.

Michael Burr 2009-07-08 00:58:06

Answer 10

A:

Operator overload if not correctly implemented
multiple inheritance (easy to misuse)
buffer overflow

Burkhard 2009-07-07 18:06:48

Answer 11

+1 A:

I would have say automatic type conversion. C++ can create temporary variables in unintuitive ways through automatic type conversion.

BeWarned 2009-07-07 18:12:00

ansaurus

tags:

views:

answers:

What is the most dangerous feature of C++?

related questions