Feeds

Binary interfaces in component development

A template class with static data - how can that possibly go wrong?

Combat fraud and increase customer satisfaction

As we know, with few exceptions, a C++ compiler instantiates a template whenever it is specialised, and the template definitions are available (see the ISO C++ standard paragraph 14.7.1). In our code, the template definitions are in the header file so the template definitions are always available. This means that each cpp file that uses the template will contain instantiated definitions of the static object in the compiled object file. When object files are linked, the linker notices that there are many definitions of a single symbol and it merges all definitions into a single definition. Such symbols are marked in the object file as “weak”, so that the linker will unify multiple definitions instead of complaining about a multiply-defined symbol. A counter example of a “strong” symbol is a non-inline function definition; here the linker would give an error if it came across a duplicate definition.

When these definitions all occur in a single monolithic binary, there are no problems. This is shown by the following example, where we introduce a singleton class that we implement via our GenericSingleton template. If the implementation works correctly then this object will be constructed and destructed only once. To test our singleton we add two further cpp files containing code that uses the resulting singleton, and a further cpp containing the main function. In our initial test, we run it as a monolithic binary and we expect that only a single singleton object will be constructed – see Figure 1.

Figure 1: Shows that everything is OK when we're building statically.

The above is the case where our binary is linked monolithically, using only static libraries and everything works. Now, imagine a scenario where your manager wants to decompose the project, so that different project teams can be responsible for their own dynamic library, so that development can occur in parallel, so that functionalities can be unit tested without rebuilding everything - and for all the other reasons that motivate people to use dynamic libraries. This manager, like lots of people, comes from a planet where an application can be built interchangeably, either statically or dynamically, with no difference in behaviour.

I’m sure we’d all like to come from this programmer’s paradise too, but until we can find a way to move there, maybe we’ll have to support our user base here on Earth with its less than perfect operating systems. So, what will happen when we take our simple program and change it from a monolithic binary into a set of dynamically-linked components?

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.