Re: Comparing string input to enum data type

"Bill Pursell" <bill.pursell@xxxxxxxxx> writes:

Just a general tendency to refrain from using
strcmp. In this case, since one of the strings is
fixed, there's no security issue with strcmp (until
the code maintainer modifies the code...),
but I believe it's a good habit to use the strncmp
variant.

What kind of a security issue would there be with strcmp?
--
"Some programming practices beg for errors;
this one is like calling an 800 number
and having errors delivered to your door."
--Steve McConnell
.

Relevant Pages

  • Re: Comparing string input to enum data type
    ... since one of the strings is ... there's no security issue with strcmp (until ... I'd be more afraid of getting the strncmp() ...
    (comp.lang.c)
  • Re: strcmp() question, 4 words, two strings, equal return value.
    ... >> I have a question about strcmp(). ... >> compared if it were two strings. ... So basicly a binary tree of pointers that is linked with another ...
    (comp.lang.c)
  • Re: strncmp performance
    ... >> Have you tried forcing your compiler to use inline code rather than a ... >> than strcmp(), but the problem is that you need to pass to it the length ... >> use of memcmp() if you know that the strings are the same length. ...
    (comp.lang.c)
  • Re: First C Program, Problems getting serial data
    ... Determining if strings are equal or different is useful. ... below the last compared character in the other, ... I'd posit that strcmp() is _essentially_ a boolean ... It is a comparison function designed to work with qsort. ...
    (comp.lang.c)
  • Re: Problem with gcc
    ... If it's a string then strcmp. ... So strcmp thinks that, for the purposes of comparison of strings, ... the characters in strings should be treated as unsigned chars. ... So in some contexts, strings are more reasonably considered to be ...
    (comp.lang.c)