A few days ago I wrote up something on this same issue:

http://fexl.com/goto-considered-harmful

However, after discussing the issue on the cryptography mailing list, I realized that the really serious problem here was not the use of goto itself, but the lack of an obvious test case.

Clearly Apple did not have a single test case which made the SSLVerifySignedServerKeyExchange function call sslRawVerify. Since the whole point is to call sslRawVerify, this is an astounding omission in testing.

The "goto fail" pattern is common throughout OpenSSL. I of course think OpenSSL stinks to high heaven, but for reasons not directly related to "goto". I do think the use of "goto" gives off a bad "code smell" though.

I myself never use goto. When I'm writing code, I always create "if" or "while" blocks and then fill them in. It never even occurs to me to use goto.

My main objection to "goto", aside from the spaghetti code which might arise from it, though not necessarily, is that goto makes it difficult to refactor code.

Normally it's pretty easy to move a chunk of code into a separate function. However, if that code contains "goto", then you're pretty much stuck until you factor out the goto.
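Added example, not part of the comment above and not Apple's code: a reduced C model of the kind of test case the comment says was missing, one that fails unless the verification routine actually reaches the signature check and rejects a bad signature. The names `raw_verify`, `hash_step`, `verify_flawed`, `verify_fixed` and `run_test_cases` are hypothetical stand-ins, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

static int raw_verify_calls;  /* how many times the signature check ran */
/* Hypothetical stand-in for sslRawVerify: 0 on match, -1 otherwise. */
static int raw_verify(const char *sig, const char *expected) {
    raw_verify_calls++;
    return strcmp(sig, expected) == 0 ? 0 : -1;
}
/* Hypothetical stand-in for a hash step that succeeds. */
static int hash_step(void) { return 0; }

/* Flawed flow: a stray unconditional jump leaves with err == 0. */
int verify_flawed(const char *sig, const char *expected) {
    int err;
    if ((err = hash_step()) != 0)
        goto fail;
    goto fail;  /* stray duplicate: always taken, skips the check below */
    if ((err = raw_verify(sig, expected)) != 0)
        goto fail;
fail:
    return err;
}

/* Same flow without the stray jump. */
int verify_fixed(const char *sig, const char *expected) {
    int err;
    if ((err = hash_step()) != 0)
        goto fail;
    err = raw_verify(sig, expected);
fail:
    return err;
}

typedef int (*verify_fn)(const char *, const char *);
/* The missing test cases (constructed inputs); returns a failure bitmask. */
int run_test_cases(verify_fn verify) {
    int failures = 0;
    raw_verify_calls = 0;
    if (verify("good-sig", "good-sig") != 0) failures |= 1;  /* valid passes */
    if (raw_verify_calls == 0) failures |= 2;  /* check must be reached */
    if (verify("forged-sig", "good-sig") == 0) failures |= 4;  /* forgery rejected */
    return failures;
}

int main(void) {
    printf("flawed=%d fixed=%d\n", run_test_cases(verify_flawed), run_test_cases(verify_fixed));
    return 0;
}
```

A test suite that only feeds valid signatures would pass both versions; the reachability check and the forged-signature case are what separate them.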