
On Mon, Mar 2, 2009 at 2:50 PM, Beman Dawes <bdawes@acm.org> wrote:
> On Mon, Mar 2, 2009 at 12:32 PM, Peter Dimov <pdimov@pdimov.com> wrote:
> [snip]
> > It's also necessary if you want to introduce stack buffer overflow attacks. Now, I don't question the right of every C++ programmer to be able to overflow the stack, but I don't like this ability being presented under the name "push_back".
>
> I agree strongly with Peter.
>
> The default needs to be safety, unless there is something to indicate the danger is accepted. Thus push_back() could throw on overflow,

I'd rather have auto_buffer be growable. Having an exception thrown is rarely what the user wants. I wanted auto_buffer to be an SBO class with an STL interface. Maybe it would be nice to have an SBO class for heterogeneous arrays as well?

> while unchecked_push_back() could have the semantics of the current push_back() implementation. There are probably other approaches, too, that would provide reasonable security.

Having unchecked_push_back can't hurt.

> --Beman

Regards,
--
Felipe Magno de Almeida
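
The three behaviours discussed in this thread, side by side, as an added sketch that is not part of the original messages and is not Boost's auto_buffer. The class `small_buf` and the member name `push_back_or_throw` are hypothetical, and the sketch assumes a trivially copyable element type.

```cpp
#include <cstddef>
#include <cstring>
#include <memory>
#include <stdexcept>
#include <type_traits>
#include <utility>

// Hypothetical small-buffer container for illustration; not Boost's auto_buffer.
template <class T, std::size_t N>
class small_buf {
    static_assert(N > 0 && std::is_trivially_copyable<T>::value, "sketch: trivial T, N > 0");
    T inline_[N];                 // stack storage used until it fills
    std::unique_ptr<T[]> heap_;   // owns the storage once the buffer has grown
    T* data_ = inline_;
    std::size_t size_ = 0, cap_ = N;

    void grow() {                 // move contents to a heap block twice as large
        std::unique_ptr<T[]> p(new T[cap_ * 2]);
        std::memcpy(p.get(), data_, size_ * sizeof(T));
        heap_ = std::move(p);
        data_ = heap_.get();
        cap_ *= 2;
    }
public:
    small_buf() = default;
    small_buf(const small_buf&) = delete;   // data_ may point into *this
    small_buf& operator=(const small_buf&) = delete;

    // Growable: never writes past the storage, spills to the heap instead.
    void push_back(T v) { if (size_ == cap_) grow(); data_[size_++] = v; }

    // Throwing: stays within the current storage and reports overflow.
    void push_back_or_throw(T v) {
        if (size_ == cap_) throw std::length_error("small_buf full");
        data_[size_++] = v;
    }

    // Unchecked: precondition size() < capacity(); the name marks the accepted danger.
    void unchecked_push_back(T v) { data_[size_++] = v; }

    std::size_t size() const { return size_; }
    std::size_t capacity() const { return cap_; }
    bool on_stack() const { return data_ == inline_; }
    const T& operator[](std::size_t i) const { return data_[i]; }
};

int main() {
    small_buf<int, 2> b;
    b.push_back(1); b.push_back(2); b.push_back(3);   // third call grows to the heap
    return b.on_stack() ? 1 : 0;
}
```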