From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Newsgroups: comp.lang.ada
Subject: Re: How to get nice with GNAT?
Date: Wed, 26 Nov 2014 09:41:05 +0100
Organization: cbb software GmbH
Message-ID: <6z37nmmc7k1p.w51v6tje5qh6.dlg@40tude.net>
References: <slrnm6u97f.nrc.lithiumcat@nat.rebma.instinctive.eu>
 <dda292cb-97ac-4ab5-b29d-b3c0ec232c5b@googlegroups.com>
 <m4th8h$jce$1@dont-email.me>
 <0d8452a9-68c9-4835-b6f3-17407132ca9f@googlegroups.com>
 <jtq67a5ffb7fm44joao6a7nbvav7mdq29o@4ax.com>
 <8194a204-7b15-463d-a2fd-4d3ba342fe97@googlegroups.com>
 <8f203a9a-6c7c-4614-bc7d-efa65bf10776@googlegroups.com>
 <m52urp$9nc$1@loke.gir.dk>
Reply-To: mailbox@dmitry-kazakov.de
NNTP-Posting-Host: nyHeW7QjJmC1odUjK4LkDA.user.speranza.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: 40tude_Dialog/2.0.15.1
X-Notice: Filtered by postfilter v. 0.8.2
Xref: news.eternal-september.org comp.lang.ada:23736
Date: 2014-11-26T09:41:05+01:00
List-Id: <comp.lang.ada>

On Tue, 25 Nov 2014 16:12:07 -0600, Randy Brukardt wrote:

> Exceptions surely aren't enough to prevent all security issues, but they can 
> help avoid a substantial number of them.

Exceptions is a tool to improve design:

1. Cleaner interfaces
2. Cleaner code
3. Less coupling between the provided and the client
4. Better performance

Fewer security issues is a consequence of a better design.
 
> (As previously noted, if you could prove that no exceptions are possible - 
> meaning that no low-level bugs are possible - that would be better than 
> having to figure out last-chance handlers and the like, but that's still 
> beyond the state of the art for general purpose code. When that changes, 
> I'll reconsider my stance on exceptions, but not until then.)

I would add that usual rants about unhandled exceptions is rubbish. Because
other methods of indicating an alternative execution state require handling
no less. Errors of not handling such states are *less* visible without
using exceptions than with exceptions.

------------------
* With exception of exceptions (:-)) introduced without need, e.g. like in
the notorious accessibility checks.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de