All those safe functions should return the same value as their unsafe counterparts, and return values should be checked. Unless completely unuseful like for strcpy. Don't teach ignoring return values.
Engineer/Developer haircuts are functional: Maximum hat compatibility, covers the basics while limiting vulnerabilities and potential exploits. Video suggestions: - Projects you worked on which impressed you with elegant or clever code solutions - Worst production code you ever saw (bonus if you had to fix it) - Coding "pet peeves" (bonus if they are pedantic or inconsequential!) Enjoy your videos!
Eh, in 10 years he'll be saying "40 years of C and C++, finally getting good" In 20 years, he'll be saying "50 years of C and C++, finally getting good". It never ends.
I think what I like most about this channel is its all about the code I wrote when I started professionally.. and the code I maintain today. Most Programmer videos on youtube want to focus on much newer topics, and those that do touch on C++ dont really go in deep.. or if they do, not in an entertaining way.
/W4 is the way to go! At a prior job I was asked to review a program that would periodically crash. 3 other programmers had reviewed it but were unable to find the problem. I set to /W4 and there were 2000 warnings!!! OMG! I went through each line, determined whether the code was safe, and adjusted to avoid the warning. In the end there were 3 lines of code that weren't safe. I adjusted the code to behave correctly. Voila! Success! Do NOT ignore warnings!
The more I watch your coding episodes, the more respect I get for you and all the other colleagues that had to deal with writing proper secure code. Although I'm not a huge fan of the VS-specific _s functions (when writing cross-platform code), I do understand their value. Very useful and fun to watch your YT clips.
How many programmers does it take to write a line of code? _Ten..._ one to write the line, and nine to tell how they could have done it better! Edit: I'm always happy when others pronounce the name of a function phonetically.
This all reminds me where I pwned an intern that was so proud of his "unbreakable" C code until I piped a few megabytes of unicode into there. This is invaluable advice.
Dave, you are the most charming, eloquent, knowledgeable, kind and endearing, genuinely funny programming savant. I admire you sincerely. God bless you
I love when you share mistakes, bad habits, etc. When people with more experience than yourself show how and when they make errors or mistakes, it gives the less experienced person so much valuable context, by which hers/his own body of knowledge can be judged. When the expert never fails at anything, and needs zero time to accomplish comparatively outlandish results, it is detrimental to the experience. But showing the, not always straight to target, path there inspires. Great work!!
I once inherited a project that compiled and had about 25000 warnings on compile. I took the time to make it compile at /w4 as well, but never turned on errors. If anyone ever checked in code that made warnings in the future, I took that as a teachable moment, because half the warnings I fixed were actual bugs or potential outright terminate process errors provided the right conditions. Who knows how many security issues, that wasn't my end goal but a benefit.
Mister Plummer, this is an amazing series and even though this is only the second episode, you are giving out invaluable information for practical programmers. Please keep it up!
Great topic Dave. Reminds me of my first couple of weeks of computer science 101. Course Overview - there will be 10 assignments in this course, your final mark will consists of your best 9 assignments. Assignment #1 - Create a string library with your own set of common string functions. (So many of my classmates got caught up in frosh week that they skipped the 1st assignment and decided they would work hard on the next 9). Assignment #2 - Using YOUR PERSONAL STRING LIBRARY you created from week #1... :) LOL
@@nickwallette6201 Jaws were dropping as students realized they would have to completed Assignment 1 for no marks in order to even attempt Assignment 2. :)
I love you, just for the fact that you stick with GPL2 licence for your code snippets! You don't wanna know how many people just blindly apply GPL3 to their projects and shoot their future selfs in the foot, especially when they want to use their own projects in proprietary use cases.
I'm so glad I found your channel. Every video has something in it I didn't know, and I've been writing c for a long time (though not near as long as you) Thank you!
Looking forward to more of these! C++ is the first language I learned (aside from some messing around in BASIC) back in 2000, but I haven't kept up to date. You bet my code was full of insecure string functions. These videos are great for helping me modernize my knowledge!
40+ years ago I learnt C by writing a C compiler in Pascal for the CDC mainframes. Non ASCII, 60 bit words, flat filesystem. Added a cross compiler for 8086 ( segmented memory space ). Started by outputting Forth style stack operations. Sold three or four copies.
Given how many security vulnerabilities there are today... Not enough people read Writing Secure Code... Either way, thanks for telling your story. Its amazing to hear all of this wisdom.
Hi, Dave! I am an IT student. This is my first comment on UA-cam. YOU ROCK! The stories you tell are facinating. And the technical informations are brilliant! And you do not even charge any peny. Thanks a lot for your effort!
Cool stuff. I managed to write my own printf with a variable argument list back in the late '80's when I had no access to a real C compiler. I was playing with a shareware 16bit C compiler which had no libraries at all and which ran from 1.44MB diskettes as I was using a work laptop with a 20MB hard disk. I was (am) an accountant who just loved computers. I set out to write my own C stdlib to go with it and learned a lot by doing that.
warnings as errors, not just silently truncating... yes, yes, yes... nice to see someone else who thinks a bit like me on such things. Great video! Thanks!
Excellent Dave! Thank you for the wonderful content. After 30 years, you are finally getting good at C and C++ 😁 Gold 👍 I moved to C# instead. Loved the sudden style change of no braces after 30 years. Code style changes are fascinating! I know it just feels right, but why didn't it before? What is your opinion of single line "if" statements? Mine seems to vary. Were you ever subjected to stupid coding standards about such things? My C++ topic suggestion is Templates.
Roll out for SP2 went surprisingly well and updating XP rigs payed for many coffees over the years leading upto win7. So, Thank you Dave. I'd love to see a MS-DOS icon and TaskMan UI enamel pins.
I have a limited run of 100 TaskMan enamel UI pins that I had made. I've given away a few to users that have suggested cool video ideas or caught obscure easter eggs, that sort of thing. But they're pretty rare!
@@DavesGarage Well it never hurts to ask so thank you for the speedy reply If I order 2 coffee cups the proceeds go to the npo/charity (awesome) however do you ship them directly or that a hands off process so to speak. Sorry for the late reply, I'll try not to be a time thief. xD
Here's a good C++ topic: Template meta-programming Lots to cover there, could do a whole series on it, there's a lot of useful stuff it can do but most C++ programmers (including myself) aren't too familiar with how to use it effectively, and less experienced C++ programmers basically see it as black magic.
but it's just like typesafe macro expansion with some syntactic sugar on top of it tho. And it gets even more typesafe with concepts and the 'requires' keyword
Rule one about temple meta programming is that if you think you need it, you are probably wrong. However, there are a handful of really compelling reasons to use it. Still even on teams with exceptionally smart programmers I have found that few are capable of maintaining templates...
@@dougpark1025 I work in games, anything that can be done at compile time is a huge win over something that is done at runtime. Usually we need to have big blocks of comments explaining what the magic values we use are, and checklists for modifying anything they were based off so the magic values don't get outdated. Template meta-programming can solve a lot of those cases at compile time and are generally more powerful than macros which often can't do what we need. Though it definitely isn't something that is needed frequently.
The ellipsis operator/variadic functions would make for another great topic for a video (or a few if you get into templates and parameter packs). Another great common pitfall topic to cover for C++ would be implicit narrowing conversions. It's an area where I think many C++ devs. don't know all the details, and are uncomfortable asking.
👍 @Dave'sGarage your content is fantastic these use cases are more advanced than my current skill set. Primarily due to me still being in the introductory phase of my C++/programming journey. Today I was test my knowledge of how to use Composition In C×+ without my textbook. Additionally, I have not used a debugger yet with any my textbook lessons. However, your content is Gold to me. Your content provides value. Thanks.
I program from the 1980's started with a 1802 in assembler. Then C and even fortran. But I still learn from video's like this. My daugter is now programming in C++ so I have to catch up my skills. It is good to take some time to upgrade your coding skills. Thanks
Hi Dave, thank you for the amazing content. Your sizeof "change" after 30 years really hit me, to me being able to test new styles of coding and not get stuck in "I like it this way" is a sign of a good programmer.
Hey Dave! Love the content. Just wanted to let you know that you can add timestamps to UA-cam videos in the description and it will put them in the video timeline in the player. Super useful for content like this!
Dave, thanks for the lessons. I use these functions all over from firmware to software. I will keep this video next time I need these functions on software. Taking me to school by Dave.
"Now that I'm getting good at it..." - that's the thing - at the time, you think you're great, but when you look back, "Wow, I was bad" - experience really is such an important part of being a good programmer.
I very much enjoyed the history lesson at the start. It was around the XP SP2 release that I jumped ship to Mac. XP had just been too troublesome for me to keep going with it, and it also felt like Apple were bringing new features into the OS at a time XP wasn't really changing from a user point of view - now I know the developers were all working on security at that point. It's impressive how far Microsoft have come. I use Win 10 on my gaming rig, and really like it. If I was just a Windows user now, there's absolutely no reason to move to Mac OS that I can see anyway.
I programmed for IBM S/370 computers running variants of OS. My main languages for Assembler F (for systems code), COBOL, PL/1. In Assembler, I might have had the odd problem with pointers and timing, and I had a couple of spectacular paper eaters. One generated "Intervention required" on a virtual printer. Had the operators confused. I filled VM's printer spool. And there was the paper cutter. The printers used continuous paper, and it was customary to print a line of asterisks on the fold between jobs to make it easy to find them. Print enough lines of asterisks on the same fold line and the paper gets cut. Operators don't like that. Since I did interesting new magic things, the operators were generally pretty forgiving. It helped that I was running in a test environment. IBM types got to use PL/S and later PL/X similar to PL/1.
The funny thing about the "don't do security by obscurity" is the fact that ALL security protocols are based on obscurity, whether it's passwords, hardware encryption, the exact shape of the working surface of a physical key, ALL of it is, in some way or another, based on the specifics being hidden from an attacker obscure. Sideways attacks don't break the security barriers, they more or less teleport around it.
+1 for Neil Stephenson. Reading Termination Shock now . . . An electrical engineer who has been C and C++ programing since the early 80s - first on Mark William's Coherent Unix running on an early IBM PC. Remember well when the _s functions were implemented and required updating my code. Annoying at the time, but appreciated the reasoning behind them.
I favour asprintf() for that job as is standard enough, needs little thought and fails in a simple way. More generally just don’t use functions which are still easy to get wrong. That’s what C++ and other languages’ string classes are for
Came here to say this. Given the choice between safe non-standard and safe standard functions, choose the latter. C++'s string class is better at handling strings anyway.
I've read the Scott Meyers "Effective C++" and I really feel that those books made me a better C++ developer, made me understand why to do things in a certain way, and what not to do. But nowdays, I'm not so sure I am that efficient in C++ anymore, new standards, etc. Would be neat to see some small videos on what to do and what not to do in modern C++. Like move operators vs pass by const ref etc.
I wonder: How old is the oldest line of code that can be found in Windows today? Are there any NT-code that are still being used with little to no modifications?
Yeah the FAT32 disk format tool is from the NT days. He did a video on it. Likely some older than that. But you have a definition problem, for example some C libraries may be very old even older than any windows OS and those could be considered lines of code in windows with little modification.
I remember watching a video a while back about someone taking a very early version of Windows (don't recall the start point, but it was definitely pre-3.1) and running every Windows upgrader in sequence up to the latest version. Each step along the way, they would stop and see what had changed and, more interestingly, what had not. And there were definitely some holdovers from the very early days in there.
The custom keyboard layout maker doesn't accept file paths with whitespaces or other weird characters, and it seems like this "bug" has been present for a long time. I found some complaints on a 2004 forum.
I've been playing with C/C++ for nearly 30 years, the first thing in compiling code, is to make sure it compiles clean, no errors, no warnings.... I sometimes see other peoples code, such as some libraries and there are hundreds of warnings in the code..... Warnings are problems in the code, you can spend weeks trying to track down logic bugs, that the compiler actually warned you about. For strings on modern computers in C, I like to define them this way: char *buff . . . buff = (char *)malloc(512); memset(buff,0,512); I now know that, the data space is zero filled. I've sometimes, memset the buffer multiple times, because I am using is as a string, before freeing at the end.
Great video as always, thank you, Dave. But for any programmers reading this: please, PLEASE do not EVER throw exceptions of any types not inherited from std::exception! Use std::runtime_error, or std::logic_error, or any other exception type from . Or write your own struct / class, but inherit it from std::exception.
Exceptions are a billion dollar mistake in general. They make reasoning about the state of a processes data extremely hard and are unnecessary for flow of program control. Functions that return error codes can be used to achieve the same effect without complex stack unwinding
I appreciate the input and you're technically correct, but the problem is that you can't really do that in a UA-cam video. Now you've lost at least 15,000 people at "WTF if std::exception and std::runtime_error and std::logic_error and why do I need stdexcept? What's a namespace? Why is Dave skipping over all this stuff and not explaining ANY of it????? Why did he write his own struct/class an inherit from std::exception without explaining why he did it? I'm going to watch Amanda McCants programming instead." Or, the alternative would be a 45 minute video that no one would finish. Note that I didn't even bite at the apple of "parameter validation with exceptions is a bad idea because malformed input is not truly an exceptional case" and so on. There just isn't time. In other words, you can only introduce so many topics at a time and you can't leave loose ends like that. So it's better in a video like this to throw the absolute simplest thing (I would have thrown void, if you could). And then, when I do introduce exceptions, I'll discuss the proper way. But for now, the only point I wanted to cover is "You can use an exception from the handler". The minimal amount of syntactically code to do that is best, at least for the video. Now I regret the negative since, it's longer! Is throwing a negative int a good way to build an exception heirarchy? No. Is it correct? Yup. Now you don't want to introduce bad style (which this is), and but you never want to be incorrect (which it isn't). So given the choice of poor style brevity and verbose completeness, in a venue like this you have to go with "shortest correct". Which is why magazines and so on often omit error checking... not to teach that you shouldn't check for errors, but because the space provided doesn't allow for it. But as I said, you're right. Exceptions are very hard to get right. Witness how bad it was in MFC and early attempts. I'm not even sure the CRT has it solved. But I know that to this day, I have never been involved in a significant project that was exception based. Everything I've ever worked on that was successful was standard if-else failure code logic. Heck, I even pass std::nothrow and check memory allocs myself! You just can't "dabble" in exceptions.
@@DavesGarage Yeah. errno was a terrible idea as well and where error codes are returned by functions in the c standard library there's no consistancy. The toolkit library in mac os classic actually did this fairly well.
@@AbAb-th5qe The problem with exceptions/longjmp is that they are slow because of how memory is handle, on the other hand a jump table using if statements are faster and causes less overhead. But that being said deepening on what you are programming exceptions/longjmp can be a good alternative.
For anyone wanting to know what makes a C function hazardous just look up "gets". "It stops when either the newline character is read or when the end-of-file is reached, whichever comes first". That ought to be ammened to add "or when something critical gets overwritten".
Can you tell me what you mean? I do have some stories of how the shell was originally pure C but worked with C++ and COM by manually calling through vtables and such!
@@DavesGarage I have still never tried to ha e C call through a C++ virtual method table. Seems I need to set up a weekend project on how to abuse a computer language. 😀
I am just now exploring ImportDLL and the concept of having a static library that is used to load in the dynamic libraries. My code doesn't work quite yet, but getting there.
Using C++ CLI for .NET interop. is a great topic. It's still often way cleaner, easier and less bugprone to author interop. libraries in C++ CLI than any other .NET language when wrapping C and C++ libraries. There are lots of interop. layers still out there built this way that can be a challenge to maintain for devs. unfamiliar with this technology. Many great potential pitfall topics to talk about like CPU target architecture dependence for memory alignment and handling callback functions from native code without crashes on app. shutdown in .NET applications as well.
It's more than 15 years since I coded in C/C++... OMG I lost it all sadly :( which video proved to me. I remember really disliking (almost hate) C# in the beginning because I felt I lost control, I wanted to manage memory allocation/management my self.
First off, great video. Secondly...wikipedia says you are a master at Tempest. Which is really impressive to me, because that was a really hard game due to having to precisely control that spinner control. I love how youtube introduces us to so many cool people with interesting things to say and teach.
The way that C++ manages exceptions is pretty different from other programming languages. Windows approaches exceptions slightly different from other operating systems too.
Love these informative videos, Dave. Some topics I'd enjoy seeing your take on would be how type erasure objects and operations are working behind the scenes (std::function, std::bind, etc), variadic templates, and threading.
How about a comparison of how to write a window/GUI-based "Hello, world" in C# vs C++, and which language is more popular for modern development. For those new to Windows development, a quick segment on Visual Studio Community vs Professional vs Code would be nice too -- a "how to get started guide", if you will.
woah! if you haven't read snow crash you should, it's a modern classic. The main character is a katana wielding pizza delivery man who delivers pizzas for the mafia in an armored sports car. That alone should be enough to make you read it
Dave, you mentioned in your previous episodes that some code you build for Microsoft OS, was non-debuggable. Could you share some ideas on how to make some of our critical code non-debuggable as well? The only idea I get in my mind is to measure code execution time and if it is more than expected, then change code execute flow to mislead the person who is trying to debug.
Look up "The Ultimate Anti-Debugging Reference" by Peter Ferrie. It's a bit old now and nothing is completely undefeatable, but it may give you some good ideas. For example, one of my favourite techniques is to have the program run itself as a debugger, and have the debugger parent process change the control flow of the child process in a way that is necessary for it to work (have the child throw an exception, parent catch it and set a new thread context, or write to the process memory, etc.) This means you can't attach to the child process (which is the bulk of your program) with a debugger since, there's already a "debugger" attached (which your child process is dependent on to function correctly)
he's probably talking about code not being debuggable by Visual Studio, so simple checks such as IsDebuggerPresent would work for that. it completely falls apart when you use a third-party open source debugger such as x64dbg which can hide itself
@@TheAndreArtus Yeah, I've seen the timing idea used in the wild, but it's not a good anti-debug IMO. Of course, like I said, none of them are undefeatable. They only create a temporary hindrance. The reason I don't like the timing idea is that any freeze up or temporary lag spike could trigger the check - and, it's usually not difficult to work around, either. It's a high risk, low reward technique. Unless you know how to remove such a protection, you're not really in a position to create one. Modern protections like Denuvo hire hackers to break them on purpose, then continue to revise until they can't be broken (easily) anymore.
Take a look how cpus cache code ahead. You can write code “assembly” that modifies the next statements executed to distract the person analyzing/debugging the code. If debugged, the flow gets misdirected from the actual cached code execution. If undebugged, the original code executes in the “fast” undebugged and original code execution. Smart debuggers will catch that and just skip those lines to remain on the original path, they might nop out those lines trying to fool those unaware of cpu code caching.
@@robertsentgerath1008 Unless I am mistaken, that wouldn't work on x86 at least. Calling FlushInstructionCache, while good practice, is not strictly necessary there. I assume since the OP asked here they're asking about Windows/x86, but I don't doubt it would work on other CPU architectures
Dave, I know I am a little late the the party, I would love you to go into detail into how to optimize error handling best practices when writing in visual studio. I totally didn't know that trick about calling a separate function instead of the whole abort/retry/ignore window. I don't think anyone at work does either, as I have never seen it before. I use try/catch, but I am not sure what is the proper way of catching say... a hardware error, in say... a serial/tcp/ip return and perhaps returning and logging previously called function calls and other stuff. I only recently learned about the "__func__" macro, which is pretty amazing when it comes to logging. This is more related to debugging rather than production. Great video!
A topic I would like is the linker and linker scripts. An often overlooked part that, when understood, makes so many things more understandable. At least to me as an embedded developer. Sadly this topic is something I seem to have to constantly re-learn. I read up on it, I forget, I read up on it, I forget....
I'm currently on a sick leave, since i have some sort of shitty flu. I found your gold mine of a channel and i've been watching it for the last few days. Its amazing. Thank you for the great content in general. PS: Video idea - What will be cool is if you compare native M1 ARM code to an x86 app using Rosetta with the prime sieve algorithm. Yes the native code will be faster, but by how much? Or a better question - how good is Rosetta? From what i've read in reviews - pretty damn good.
I do remember the C string functions being a pain as I always got the impression that when you try to make something idiot proof and someone will make a better idiot. I say this after I had some coder who did not use exceptions they used 'shudder' goto
I have a 100TB NAS too (Synology)! Glad I am not the only one, lol. I also have a 36TB NAS (also Synology), a 3TB SSD TrueNAS Core for testing and a 32TB TrueNAS Scale, lol
Very good initiative of Microsoft to introduce those _s variants. What I don't like is that in case of invalid argument they may end the program in case you use the default handler. Not sure if that's a good thing when most string functions are GUI related. Windows XP sp2 was a great service pack btw (contrary to NT 4.0 sp2)
@@iDontProgramInCpp in 16 bit x86, a 16 bit segment:16 bit offset address in memory. This is generally rearranged into a 20 bit number representing the flat real address in the 1mb address space. Regular pointers are within the 64k block relative to the segment value set by the os (com) or specified/assigned after relocation (exe). 16 bit code in real mode was generally only able to address 64k without far pointers.
Topic suggestion: Pointer to member function [ptmf] within, say, a Standard Template Library container, such as: map myMap { {"-E", ptmf1}, {"-B", ptmf2}, {"-Z", ptmf3}, {"--kay", ptmf4}}; where ptmf1, ptmf2, ptmf3, and ptmf4 all have function prototype signatures like, void *(*)(string, int);
10:32 You are not the hero your team deserved, you are the hero it needed! (I don't know if your team deserved you, but you are definitely a hero for that action :D)
I'd like to see something on rvalue rederences, designing classes for move semantics, implementing constructors, operator=, etc, automatic memory management and exception safety
In this day and age, thinking about such things as buffer overflow in the smallest pieces of code - that must've been a terror of programmers. Being a C++ programmer - you don't think about the working of the program as a whole - because you need to focus on making your smallest function working properly, like simple string concatenation :P. But the biggest flaw of C and C++ is in my opinion lack of standardized, enforced type of exceptions that save whole stack. Nowadays in any modern language - when you have an exception, you get the whole stack of it - in some languages you not only get the names of functions, but also all their parameters. Looking back at C and C++ - it seems like we currently have heaven on earth.
I bet those downvotes are for the haircut!
If you recommend anything. Someone else will have an alternate "better" recommendation. "Internet" hey ho . Dang this coffee tastes good
Haters gotta hate. I love when there is a new "Dave's Garage" episode...
All those safe functions should return the same value as their unsafe counterparts, and return values should be checked. Unless completely unuseful like for strcpy. Don't teach ignoring return values.
Engineer/Developer haircuts are functional: Maximum hat compatibility, covers the basics while limiting vulnerabilities and potential exploits.
Video suggestions:
- Projects you worked on which impressed you with elegant or clever code solutions
- Worst production code you ever saw (bonus if you had to fix it)
- Coding "pet peeves" (bonus if they are pedantic or inconsequential!)
Enjoy your videos!
The haters preferred C-- over C++
> 30 years of experience in C/C++
> Finally getting good
Lol
I done an IRL lol at that.
30 Years is a good pratice time :)
Eh, in 10 years he'll be saying "40 years of C and C++, finally getting good"
In 20 years, he'll be saying "50 years of C and C++, finally getting good".
It never ends.
u can never bcm great in C/C++ ... good is the limit
I think what I like most about this channel is its all about the code I wrote when I started professionally.. and the code I maintain today. Most Programmer videos on youtube want to focus on much newer topics, and those that do touch on C++ dont really go in deep.. or if they do, not in an entertaining way.
/W4 is the way to go! At a prior job I was asked to review a program that would periodically crash. 3 other programmers had reviewed it but were unable to find the problem. I set to /W4 and there were 2000 warnings!!! OMG! I went through each line, determined whether the code was safe, and adjusted to avoid the warning. In the end there were 3 lines of code that weren't safe. I adjusted the code to behave correctly. Voila! Success! Do NOT ignore warnings!
The more I watch your coding episodes, the more respect I get for you and all the other colleagues that had to deal with writing proper secure code. Although I'm not a huge fan of the VS-specific _s functions (when writing cross-platform code), I do understand their value. Very useful and fun to watch your YT clips.
Having these lessons available is incredible, thank you so much Dave, please keep up the good work.
Glad you like them!
How many programmers does it take to write a line of code? _Ten..._ one to write the line, and nine to tell how they could have done it better!
Edit: I'm always happy when others pronounce the name of a function phonetically.
Hey that's what code reviews are all about right?
One programmer is enough
You wasted too many bytes in that comment!
@@sophiacristina too bad 😶
I would rate this joke as SegFault Error.
That's how bad it is.
I use these all the time and have converted a lot of code to use these as well. Worth the effort for more secure code.
This all reminds me where I pwned an intern that was so proud of his "unbreakable" C code until I piped a few megabytes of unicode into there. This is invaluable advice.
you pawn star, come at me, bro! come at me!
Dave, you are the most charming, eloquent, knowledgeable, kind and endearing, genuinely funny programming savant. I admire you sincerely. God bless you
"I've been coding C++ for 30 years.....now I'm finally getting good at it" -- Do you know how intimidating this is?!?!
You have quickly become the best programming channel on UA-cam
Very kind word, thanks!
@@DavesGarage Not only kind... truthful.
I love when you share mistakes, bad habits, etc. When people with more experience than yourself show how and when they make errors or mistakes, it gives the less experienced person so much valuable context, by which hers/his own body of knowledge can be judged. When the expert never fails at anything, and needs zero time to accomplish comparatively outlandish results, it is detrimental to the experience. But showing the, not always straight to target, path there inspires. Great work!!
I once inherited a project that compiled and had about 25000 warnings on compile. I took the time to make it compile at /w4 as well, but never turned on errors. If anyone ever checked in code that made warnings in the future, I took that as a teachable moment, because half the warnings I fixed were actual bugs or potential outright terminate process errors provided the right conditions. Who knows how many security issues, that wasn't my end goal but a benefit.
Mister Plummer, this is an amazing series and even though this is only the second episode, you are giving out invaluable information for practical programmers. Please keep it up!
Great topic Dave. Reminds me of my first couple of weeks of computer science 101.
Course Overview - there will be 10 assignments in this course, your final mark will consists of your best 9 assignments.
Assignment #1 - Create a string library with your own set of common string functions. (So many of my classmates got caught up in frosh week that they skipped the 1st assignment and decided they would work hard on the next 9).
Assignment #2 - Using YOUR PERSONAL STRING LIBRARY you created from week #1... :) LOL
haha! That's devious. I like it.
@@nickwallette6201 Jaws were dropping as students realized they would have to completed Assignment 1 for no marks in order to even attempt Assignment 2. :)
I love you, just for the fact that you stick with GPL2 licence for your code snippets! You don't wanna know how many people just blindly apply GPL3 to their projects and shoot their future selfs in the foot, especially when they want to use their own projects in proprietary use cases.
David thanks for you time Really like you stories packed around so much info ( that it's all above my head doesn't seem to matter) 😊
after 30 years im finally getting good at it - dave you should get a netflix comedy special hahahaha
Net Send!!! I miss that. Sending messages during computer class was fun at the time.
I'm so glad I found your channel. Every video has something in it I didn't know, and I've been writing c for a long time (though not near as long as you)
Thank you!
You're so welcome!
Looking forward to more of these! C++ is the first language I learned (aside from some messing around in BASIC) back in 2000, but I haven't kept up to date. You bet my code was full of insecure string functions. These videos are great for helping me modernize my knowledge!
40+ years ago I learnt C by writing a C compiler in Pascal for the CDC mainframes. Non ASCII, 60 bit words, flat filesystem. Added a cross compiler for 8086 ( segmented memory space ). Started by outputting Forth style stack operations. Sold three or four copies.
Given how many security vulnerabilities there are today... Not enough people read Writing Secure Code...
Either way, thanks for telling your story. Its amazing to hear all of this wisdom.
Hi, Dave! I am an IT student. This is my first comment on UA-cam. YOU ROCK! The stories you tell are facinating. And the technical informations are brilliant! And you do not even charge any peny. Thanks a lot for your effort!
FOSS teaching :D
Cool stuff. I managed to write my own printf with a variable argument list back in the late '80's when I had no access to a real C compiler. I was playing with a shareware 16bit C compiler which had no libraries at all and which ran from 1.44MB diskettes as I was using a work laptop with a 20MB hard disk. I was (am) an accountant who just loved computers. I set out to write my own C stdlib to go with it and learned a lot by doing that.
Great way to learn how it's all really done!
warnings as errors, not just silently truncating... yes, yes, yes... nice to see someone else who thinks a bit like me on such things. Great video! Thanks!
I just want to say how much I appreciate your content; thank you very much!
I appreciate that!
Excellent Dave! Thank you for the wonderful content. After 30 years, you are finally getting good at C and C++ 😁 Gold 👍 I moved to C# instead. Loved the sudden style change of no braces after 30 years. Code style changes are fascinating! I know it just feels right, but why didn't it before? What is your opinion of single line "if" statements? Mine seems to vary. Were you ever subjected to stupid coding standards about such things? My C++ topic suggestion is Templates.
I know I use single line ifs only for guards if(!valid) return;
I'd love to watch an episode about functors, I really enjoy this channel!
Roll out for SP2 went surprisingly well and updating XP rigs payed for many coffees over the years leading upto win7.
So, Thank you Dave.
I'd love to see a MS-DOS icon and TaskMan UI enamel pins.
I have a limited run of 100 TaskMan enamel UI pins that I had made. I've given away a few to users that have suggested cool video ideas or caught obscure easter eggs, that sort of thing. But they're pretty rare!
@@DavesGarage Well it never hurts to ask so thank you for the speedy reply
If I order 2 coffee cups the proceeds go to the npo/charity (awesome) however do you ship them directly or that a hands off process so to speak.
Sorry for the late reply, I'll try not to be a time thief. xD
Great Video. The /w4 /wx touched my heart. 💖 Hope not too many Devs did blind suppression after it was implemented.
Props for the Atari 830 Accoustic Coupler modem on top of the 850 Interface! Took me a second to realize what I was looking at.
Refreshing. Miss my Kernigan and Ritchie days but I dont remember any of these functions. Nice and understandable.
The recommended way of including standard C headers in C++ is to include instead of , instead of , etc.
Since I was not using any C++ specific features, I kept it C-compatible, for the most part. But when I'm doing C++, I do it the way you indicate!
Here's a good C++ topic: Template meta-programming
Lots to cover there, could do a whole series on it, there's a lot of useful stuff it can do but most C++ programmers (including myself) aren't too familiar with how to use it effectively, and less experienced C++ programmers basically see it as black magic.
but it's just like typesafe macro expansion with some syntactic sugar on top of it tho. And it gets even more typesafe with concepts and the 'requires' keyword
Rule one about temple meta programming is that if you think you need it, you are probably wrong. However, there are a handful of really compelling reasons to use it. Still even on teams with exceptionally smart programmers I have found that few are capable of maintaining templates...
@@dougpark1025 I work in games, anything that can be done at compile time is a huge win over something that is done at runtime. Usually we need to have big blocks of comments explaining what the magic values we use are, and checklists for modifying anything they were based off so the magic values don't get outdated. Template meta-programming can solve a lot of those cases at compile time and are generally more powerful than macros which often can't do what we need. Though it definitely isn't something that is needed frequently.
The ellipsis operator/variadic functions would make for another great topic for a video (or a few if you get into templates and parameter packs). Another great common pitfall topic to cover for C++ would be implicit narrowing conversions. It's an area where I think many C++ devs. don't know all the details, and are uncomfortable asking.
👍 @Dave'sGarage your content is fantastic these use cases are more advanced than my current skill set. Primarily due to me still being in the introductory phase of my C++/programming journey. Today I was test my knowledge of how to use Composition In C×+ without my textbook. Additionally, I have not used a debugger yet with any my textbook lessons. However, your content is Gold to me. Your content provides value. Thanks.
I program from the 1980's started with a 1802 in assembler. Then C and even fortran. But I still learn from video's like this. My daugter is now programming in C++ so I have to catch up my skills. It is good to take some time to upgrade your coding skills. Thanks
You finally made C an interesting topic! ♥️♥️♥️♥️ I know a lot of the details went way above my head, but I enjoyed this video 👍👍👍👍
Glad it was helpful! Or at least enjoyable!
God darn it.... I'm addicted to this channel
It's pretty great
Welcome to the club.
Hi Dave, thank you for the amazing content. Your sizeof "change" after 30 years really hit me, to me being able to test new styles of coding and not get stuck in "I like it this way" is a sign of a good programmer.
Hey Dave! Love the content. Just wanted to let you know that you can add timestamps to UA-cam videos in the description and it will put them in the video timeline in the player. Super useful for content like this!
It is considered good practice to include your own examples to show the utility
1:00 the start
2:00 another minute
3:00 etcetera
@@peteralund yes, but usually fans do this 'dirty' work for him.. LOL
Dave, thanks for the lessons. I use these functions all over from firmware to software.
I will keep this video next time I need these functions on software.
Taking me to school by Dave.
"Now that I'm getting good at it..." - that's the thing - at the time, you think you're great, but when you look back, "Wow, I was bad" - experience really is such an important part of being a good programmer.
I very much enjoyed the history lesson at the start. It was around the XP SP2 release that I jumped ship to Mac. XP had just been too troublesome for me to keep going with it, and it also felt like Apple were bringing new features into the OS at a time XP wasn't really changing from a user point of view - now I know the developers were all working on security at that point.
It's impressive how far Microsoft have come. I use Win 10 on my gaming rig, and really like it. If I was just a Windows user now, there's absolutely no reason to move to Mac OS that I can see anyway.
this is awesome
, the sound effects and animations are all well placed!
Very informative and a fantastic reminder of why I gave up with C++
I programmed for IBM S/370 computers running variants of OS. My main languages for Assembler F (for systems code), COBOL, PL/1.
In Assembler, I might have had the odd problem with pointers and timing, and I had a couple of spectacular paper eaters. One generated "Intervention required" on a virtual printer. Had the operators confused. I filled VM's printer spool. And there was the paper cutter. The printers used continuous paper, and it was customary to print a line of asterisks on the fold between jobs to make it easy to find them. Print enough lines of asterisks on the same fold line and the paper gets cut. Operators don't like that.
Since I did interesting new magic things, the operators were generally pretty forgiving. It helped that I was running in a test environment.
IBM types got to use PL/S and later PL/X similar to PL/1.
The funny thing about the "don't do security by obscurity" is the fact that ALL security protocols are based on obscurity, whether it's passwords, hardware encryption, the exact shape of the working surface of a physical key, ALL of it is, in some way or another, based on the specifics being hidden from an attacker obscure.
Sideways attacks don't break the security barriers, they more or less teleport around it.
Except biometric
+1 for Neil Stephenson. Reading Termination Shock now . . .
An electrical engineer who has been C and C++ programing since the early 80s - first on Mark William's Coherent Unix running on an early IBM PC. Remember well when the _s functions were implemented and required updating my code. Annoying at the time, but appreciated the reasoning behind them.
I favour asprintf() for that job as is standard enough, needs little thought and fails in a simple way. More generally just don’t use functions which are still easy to get wrong. That’s what C++ and other languages’ string classes are for
Came here to say this. Given the choice between safe non-standard and safe standard functions, choose the latter. C++'s string class is better at handling strings anyway.
In some contexts it's better to avoid heap allocated memory.
@@evanwilliams2048 you can use a custom allocator or use string views
It will be great to see C++ custom allocators
I've read the Scott Meyers "Effective C++" and I really feel that those books made me a better C++ developer, made me understand why to do things in a certain way, and what not to do. But nowdays, I'm not so sure I am that efficient in C++ anymore, new standards, etc. Would be neat to see some small videos on what to do and what not to do in modern C++. Like move operators vs pass by const ref etc.
The Meyer's books are the best, I think. I want to do videos on a few of those topics, as you say, like move semantics and const ref, etc!
I wonder: How old is the oldest line of code that can be found in Windows today?
Are there any NT-code that are still being used with little to no modifications?
Yeah the FAT32 disk format tool is from the NT days. He did a video on it. Likely some older than that. But you have a definition problem, for example some C libraries may be very old even older than any windows OS and those could be considered lines of code in windows with little modification.
I remember watching a video a while back about someone taking a very early version of Windows (don't recall the start point, but it was definitely pre-3.1) and running every Windows upgrader in sequence up to the latest version. Each step along the way, they would stop and see what had changed and, more interestingly, what had not. And there were definitely some holdovers from the very early days in there.
The custom keyboard layout maker doesn't accept file paths with whitespaces or other weird characters, and it seems like this "bug" has been present for a long time. I found some complaints on a 2004 forum.
I can think of a few things that look like they predate NT. Character picker, Hyperterminal
I love your videos. There's really no one who does stuff like this.
pragma warning suppress will disable the warning only for that one line of code. Saves you 2 unnecessary lines of precompiler text pushing and popping
I've been playing with C/C++ for nearly 30 years, the first thing in compiling code, is to make sure it compiles clean, no errors, no warnings.... I sometimes see other peoples code, such as some libraries and there are hundreds of warnings in the code..... Warnings are problems in the code, you can spend weeks trying to track down logic bugs, that the compiler actually warned you about.
For strings on modern computers in C, I like to define them this way:
char *buff
.
.
.
buff = (char *)malloc(512);
memset(buff,0,512);
I now know that, the data space is zero filled. I've sometimes, memset the buffer multiple times, because I am using is as a string, before freeing at the end.
Great video as always, thank you, Dave. But for any programmers reading this: please, PLEASE do not EVER throw exceptions of any types not inherited from std::exception! Use std::runtime_error, or std::logic_error, or any other exception type from . Or write your own struct / class, but inherit it from std::exception.
Exceptions are a billion dollar mistake in general. They make reasoning about the state of a processes data extremely hard and are unnecessary for flow of program control. Functions that return error codes can be used to achieve the same effect without complex stack unwinding
@@AbAb-th5qe Exceptions aren't great, but random integer error codes are even worse.
I appreciate the input and you're technically correct, but the problem is that you can't really do that in a UA-cam video. Now you've lost at least 15,000 people at "WTF if std::exception and std::runtime_error and std::logic_error and why do I need stdexcept? What's a namespace? Why is Dave skipping over all this stuff and not explaining ANY of it????? Why did he write his own struct/class an inherit from std::exception without explaining why he did it? I'm going to watch Amanda McCants programming instead."
Or, the alternative would be a 45 minute video that no one would finish. Note that I didn't even bite at the apple of "parameter validation with exceptions is a bad idea because malformed input is not truly an exceptional case" and so on. There just isn't time.
In other words, you can only introduce so many topics at a time and you can't leave loose ends like that. So it's better in a video like this to throw the absolute simplest thing (I would have thrown void, if you could). And then, when I do introduce exceptions, I'll discuss the proper way. But for now, the only point I wanted to cover is "You can use an exception from the handler". The minimal amount of syntactically code to do that is best, at least for the video. Now I regret the negative since, it's longer! Is throwing a negative int a good way to build an exception heirarchy? No. Is it correct? Yup.
Now you don't want to introduce bad style (which this is), and but you never want to be incorrect (which it isn't). So given the choice of poor style brevity and verbose completeness, in a venue like this you have to go with "shortest correct". Which is why magazines and so on often omit error checking... not to teach that you shouldn't check for errors, but because the space provided doesn't allow for it.
But as I said, you're right. Exceptions are very hard to get right. Witness how bad it was in MFC and early attempts. I'm not even sure the CRT has it solved. But I know that to this day, I have never been involved in a significant project that was exception based. Everything I've ever worked on that was successful was standard if-else failure code logic. Heck, I even pass std::nothrow and check memory allocs myself! You just can't "dabble" in exceptions.
@@DavesGarage Yeah. errno was a terrible idea as well and where error codes are returned by functions in the c standard library there's no consistancy. The toolkit library in mac os classic actually did this fairly well.
@@AbAb-th5qe The problem with exceptions/longjmp is that they are slow because of how memory is handle, on the other hand a jump table using if statements are faster and causes less overhead.
But that being said deepening on what you are programming exceptions/longjmp can be a good alternative.
For anyone wanting to know what makes a C function hazardous just look up "gets". "It stops when either the newline character is read or when the end-of-file is reached, whichever comes first". That ought to be ammened to add "or when something critical gets overwritten".
Would love a third episode! :)
Would be cool if you talked a little about c++ / c# interop!
Can you tell me what you mean? I do have some stories of how the shell was originally pure C but worked with C++ and COM by manually calling through vtables and such!
@@DavesGarage I have still never tried to ha e C call through a C++ virtual method table. Seems I need to set up a weekend project on how to abuse a computer language. 😀
Like calling native code from the .NET framework? PInvoke, Marshaling, [DllImport], all that jazz? I'd be keen for that!
I am just now exploring ImportDLL and the concept of having a static library that is used to load in the dynamic libraries. My code doesn't work quite yet, but getting there.
Using C++ CLI for .NET interop. is a great topic. It's still often way cleaner, easier and less bugprone to author interop. libraries in C++ CLI than any other .NET language when wrapping C and C++ libraries. There are lots of interop. layers still out there built this way that can be a challenge to maintain for devs. unfamiliar with this technology. Many great potential pitfall topics to talk about like CPU target architecture dependence for memory alignment and handling callback functions from native code without crashes on app. shutdown in .NET applications as well.
It's more than 15 years since I coded in C/C++... OMG I lost it all sadly :( which video proved to me. I remember really disliking (almost hate) C# in the beginning because I felt I lost control, I wanted to manage memory allocation/management my self.
First off, great video. Secondly...wikipedia says you are a master at Tempest. Which is really impressive to me, because that was a really hard game due to having to precisely control that spinner control. I love how youtube introduces us to so many cool people with interesting things to say and teach.
Your sizeof broke my automatic reading of C more then I expected it would.
“Now that I’m finally getting good at it…”
Subbed
Good book recommendations, Snow Crash for imagination, Writing Secure Code for the craft.
The way that C++ manages exceptions is pretty different from other programming languages. Windows approaches exceptions slightly different from other operating systems too.
Windows exceptions are just getlasterror
Love these informative videos, Dave. Some topics I'd enjoy seeing your take on would be how type erasure objects and operations are working behind the scenes (std::function, std::bind, etc), variadic templates, and threading.
Cryptonomicron - Another good read after Snow Crash
I’m endlessly happy I found this channel. You explain these concepts so efficiently! Could you possibly make a video on code optimization?
How about a comparison of how to write a window/GUI-based "Hello, world" in C# vs C++, and which language is more popular for modern development. For those new to Windows development, a quick segment on Visual Studio Community vs Professional vs Code would be nice too -- a "how to get started guide", if you will.
Ladies and gentlemen, the man, the myth, the legend... Dave Plummer!
woah! if you haven't read snow crash you should, it's a modern classic. The main character is a katana wielding pizza delivery man who delivers pizzas for the mafia in an armored sports car. That alone should be enough to make you read it
Dave, you mentioned in your previous episodes that some code you build for Microsoft OS, was non-debuggable. Could you share some ideas on how to make some of our critical code non-debuggable as well? The only idea I get in my mind is to measure code execution time and if it is more than expected, then change code execute flow to mislead the person who is trying to debug.
Look up "The Ultimate Anti-Debugging Reference" by Peter Ferrie. It's a bit old now and nothing is completely undefeatable, but it may give you some good ideas.
For example, one of my favourite techniques is to have the program run itself as a debugger, and have the debugger parent process change the control flow of the child process in a way that is necessary for it to work (have the child throw an exception, parent catch it and set a new thread context, or write to the process memory, etc.) This means you can't attach to the child process (which is the bulk of your program) with a debugger since, there's already a "debugger" attached (which your child process is dependent on to function correctly)
he's probably talking about code not being debuggable by Visual Studio, so simple checks such as IsDebuggerPresent would work for that. it completely falls apart when you use a third-party open source debugger such as x64dbg which can hide itself
@@TheAndreArtus Yeah, I've seen the timing idea used in the wild, but it's not a good anti-debug IMO. Of course, like I said, none of them are undefeatable. They only create a temporary hindrance.
The reason I don't like the timing idea is that any freeze up or temporary lag spike could trigger the check - and, it's usually not difficult to work around, either. It's a high risk, low reward technique.
Unless you know how to remove such a protection, you're not really in a position to create one. Modern protections like Denuvo hire hackers to break them on purpose, then continue to revise until they can't be broken (easily) anymore.
Take a look how cpus cache code ahead. You can write code “assembly” that modifies the next statements executed to distract the person analyzing/debugging the code. If debugged, the flow gets misdirected from the actual cached code execution. If undebugged, the original code executes in the “fast” undebugged and original code execution. Smart debuggers will catch that and just skip those lines to remain on the original path, they might nop out those lines trying to fool those unaware of cpu code caching.
@@robertsentgerath1008 Unless I am mistaken, that wouldn't work on x86 at least. Calling FlushInstructionCache, while good practice, is not strictly necessary there. I assume since the OP asked here they're asking about Windows/x86, but I don't doubt it would work on other CPU architectures
I miss the fun that could be had with netsend back in the day. I can see why that may have been an issue though haha
Dave, I know I am a little late the the party, I would love you to go into detail into how to optimize error handling best practices when writing in visual studio. I totally didn't know that trick about calling a separate function instead of the whole abort/retry/ignore window. I don't think anyone at work does either, as I have never seen it before. I use try/catch, but I am not sure what is the proper way of catching say... a hardware error, in say... a serial/tcp/ip return and perhaps returning and logging previously called function calls and other stuff. I only recently learned about the "__func__" macro, which is pretty amazing when it comes to logging. This is more related to debugging rather than production. Great video!
"Maybe somebody is gonna pipe the entire Oxford dictionary into my zip code field" - good line
A topic I would like is the linker and linker scripts. An often overlooked part that, when understood, makes so many things more understandable. At least to me as an embedded developer. Sadly this topic is something I seem to have to constantly re-learn. I read up on it, I forget, I read up on it, I forget....
Love the example of malicious intent: "Maybe somebody will pipe the entire contents of the Oxford dictionary into my zip code field."
I'm currently on a sick leave, since i have some sort of shitty flu. I found your gold mine of a channel and i've been watching it for the last few days. Its amazing. Thank you for the great content in general.
PS: Video idea - What will be cool is if you compare native M1 ARM code to an x86 app using Rosetta with the prime sieve algorithm. Yes the native code will be faster, but by how much? Or a better question - how good is Rosetta? From what i've read in reviews - pretty damn good.
hands down strcpy, it's like a time bomb in C
saw this issue 15 years ago at the company I was working for, used standard library strncpy, etc...
I do remember the C string functions being a pain as I always got the impression that when you try to make something idiot proof and someone will make a better idiot. I say this after I had some coder who did not use exceptions they used 'shudder' goto
I didn’t really understand most of what you said, but i enjoyed the video!
I have a 100TB NAS too (Synology)! Glad I am not the only one, lol. I also have a 36TB NAS (also Synology), a 3TB SSD TrueNAS Core for testing and a 32TB TrueNAS Scale, lol
Very good initiative of Microsoft to introduce those _s variants. What I don't like is that in case of invalid argument they may end the program in case you use the default handler. Not sure if that's a good thing when most string functions are GUI related. Windows XP sp2 was a great service pack btw (contrary to NT 4.0 sp2)
I'm curious on how the Windows codebase migrated code using far pointers to the flat addressing model
It was all largely rewritten for the Win16->Win32 conversion, but that was done just before I arrived!
The hell is a far pointer?
@@iDontProgramInCpp in 16 bit x86, a 16 bit segment:16 bit offset address in memory.
This is generally rearranged into a 20 bit number representing the flat real address in the 1mb address space.
Regular pointers are within the 64k block relative to the segment value set by the os (com) or specified/assigned after relocation (exe).
16 bit code in real mode was generally only able to address 64k without far pointers.
@@1971merlin who thought that using this mess was a good idea?!
@@iDontProgramInCpp it was a matter of keeping retro compatibility and cost of memory back then pressuring the design, if I'm not mistaken.
Keep up with Your excellent work.👍
I also like Your sense of humor 😂
Very useful programming best practices. Thank you.
Glad you think so!
How are these videos free? Thank you so much, your videos are super helpful and educational!
Discovered your channel today and I subscribed!
Topic suggestion: Pointer to member function [ptmf] within, say, a Standard Template Library container, such as:
map myMap { {"-E", ptmf1}, {"-B", ptmf2}, {"-Z", ptmf3}, {"--kay", ptmf4}}; where ptmf1, ptmf2, ptmf3, and ptmf4 all have function prototype signatures like,
void *(*)(string, int);
10:32
You are not the hero your team deserved, you are the hero it needed!
(I don't know if your team deserved you, but you are definitely a hero for that action :D)
I'd like to see something on rvalue rederences, designing classes for move semantics, implementing constructors, operator=, etc, automatic memory management and exception safety
I have no idea what the heck you talk about but I still watch all the videos.
In this day and age, thinking about such things as buffer overflow in the smallest pieces of code - that must've been a terror of programmers. Being a C++ programmer - you don't think about the working of the program as a whole - because you need to focus on making your smallest function working properly, like simple string concatenation :P.
But the biggest flaw of C and C++ is in my opinion lack of standardized, enforced type of exceptions that save whole stack. Nowadays in any modern language - when you have an exception, you get the whole stack of it - in some languages you not only get the names of functions, but also all their parameters. Looking back at C and C++ - it seems like we currently have heaven on earth.
i love this , brings back memories
Been coding C# for so long, I even forgot this was an issue :)
Thanks dave.