Modern toolchains offer a wide range of tools for identifying errors during the QA (various sanitizers, fuzzing, property-based testing, etc.). However, critical software running in production also needs UB protection. This protection, also known as «hardening», must be comprehensive enough to prevent the most common vulnerabilities while remaining lightweight enough to avoid a significant performance impact. The talk covers the hardening features available in modern toolchains (ASLR, Glibc and STL checks, etc.) and their influence on the evolution of C++.

A short talk about JSON serialization to chase down last year’s talk about string escaping. We’ll quickly go through escaping as part of serialization, and why UTF-8 validation is there (we’ll remind ourselves about epic fail and drama around escaping in PostgreSQL).

We’ll look at serialization and discuss:

• ways to traverse elements of a JSON document using recursion;
• nuance of serializing floating point numbers;
• reporting errors, and nuances of exception types (in the context of string serialization);
• serialization of elements of unordered dictionary (associative container) in sorted order. And a bit more.

We will take a look at strict aliasing, restrict, the optimizations they enable, and some surprising behavioral nuances. We'll also investigate how they affect performance, and the difficulties of supporting them in compilers and the C++ standard.

How C++ projects used to link external libraries in the past and how they do it today. We’ll review system dependencies via pkg-config, the magic behind find_package () in CMake, and the dependency () directive in Meson. We’ll also look at how Conan and vcpkg are changing the build approach, and take a glimpse into the future: CPS as a new standard for cross-language dependencies.