[Cryptography] GOTO Considered Harmful
Derek Atkins
derek at ihtfp.com
Fri Feb 28 14:12:19 EST 2014
On Fri, February 28, 2014 1:07 pm, Patrick Chkoreff wrote:
> I refactored Apple's code:
>
> http://fexl.com/goto-considered-harmful
>
> You're welcome.
Sorry, Patrick, but your code doesn't work, either. Indeed, your code can
be made to return success by having 'failed' turned on at the beginning.
Then you'll hit the line:
failed ||= ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0);
Which will most likely set err to OK (because, honestly, SHA1 final never
fails. Then it will fall though to:
return err;
Eh viola, no error code returned.
A better approach would be a set of:
do {
...
} while (0);
sections. E.g.
do {
if ((err = ReadyHash(&SSLHashMD5, &hashCtx)) != 0) break;
...
while (0);
Or:
if (!err) err = ReadyHash(&SSLHashSHA1, &hashCtx);
if (!err) ....
This way you will always make sure you return an error, and you are
guaranteed to return the first error you hit.
Or drop the code and use C++ exceptions ;)
-derek
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
More information about the cryptography
mailing list