https://www.cossacklabs.com/blog/macros-in-crypto-c-code.html
Like death and taxes, one thing that you can be sure of is that using C macros in a modern software project will cause a debate. While for some macros remain a convenient and efficient way of achieving particular programming goals, for others they are opaque, introduce the unnecessary risk of coding errors, and reduce readability.
The criticism of macros is particularly acute in the wider security community. Among Cossack Labs' engineers and the core Themis crypto library contributors there are people who previously worked on auditing cryptographic implementations of critical code. Their typical knee-jerk reaction to macros was always "kill it with fire and never use it again". Taking no sides, we would like to assess both pros and cons of using such dangerous things as macros in security code (as we faced the issue when developing Themis) and suggest some techniques for lowering the accompanying risks.
We'll also discuss a custom "for-audit" build target for Themis designed specifically to generate source code that exposes the macros to inspection because we appreciate the need for security software to be subject to detailed source code scrutiny.
(Score: 2, Interesting) by Anonymous Coward on Saturday December 02 2017, @03:57PM (2 children)
(Score: 2) by hendrikboom on Saturday December 02 2017, @10:24PM
If you want a different language, you should use a different language.
If you want to compile to C, that's OK. But then you should parse that different language with its own parser, checking for proper syntax. Hoping that syntax failures will translate to invalid C is not the best way to produce diagnostic messages.
(Score: 2) by crafoo on Saturday December 02 2017, @11:55PM
hahah wow. That's like an interpretive art project. Sadly, I've seen similar things but not to that level.