Re: Fast and Safe C Strings: User friendly C macros to Declare and use C Strings.

On Apr 17, 3:14 pm, Kelsey Bjarnason <kbjarna...@xxxxxxxxxxx> wrote:
[snips]

On Fri, 13 Apr 2007 15:06:16 -0700, user923005 wrote:
Here is a C language feature that is dangerous which has to do with
strings:

static const char token[6] = "123456";

...

if (strstr(string, token) != NULL) puts("found it.");

Okay, I don't see the problem. You created a char array - not a string,
simply a char array - and passed it to a function that expects a string.

The only difference between a character array and a string in the C
language is the contents.
This is one way in which the problem can arise (and it does happen).
It can also arise from memcpy or strcpy of one char too far, assigning
the last char to a non-zero value, and a host of other ways.

If one insists upon passing about incorrect data, one is going to get
failures. This isn't a language issue, it's an issue of someone being
careless - not a good sign in a programmer. Or clueless, an even worse
sign.

It is a sign of a defect in the language. That many C programmers
refuse to see this is simply unbelievable.

If there were not literally BILLIONS of dollars of damage caused by
this defect, then the defenders would have a leg to stand on.
These problems are not always due to carelessness. They are also due
to malice.

I have seen (for instance) scanf() or sscanf() used with %s used for
reading a string, written by good programmers. This is (of course)
exactly the same danger as gets(). Herein lies the problem: They are
assuming that the program's users are sensible people who are not out
to harm anyone. In reality, this is true for 99.9999% of the users.
But that one tiny fragment on the end is out to cause harm.

It's kind of like making armor, with a great big opening over the
heart. "But people should't stab you in the heart! That's not very
nice!" Well, yes, but that's the whole point of armor.

I also think that dangerous constructs are (to some degree)
unavoidable to C. But to say that these things are not dangerous is
really putting our head in the sand.

One could also say that an unsheathed sword is not dangerous. After
all, if we do not weild it in a malevolent or incompetent manner,
nobody is going to get hurt (unless they fall on it themselves). But
in reality a sword *is* a dangerous thing because it requires *great
and competent care* not to harm someone with it. Pretending there is
no danger attached to a sword does not make it safer. If anything, it
will make it more dangerous. Pretending that C does not have
dangerous (or even badly designed) things is also something that
encourages carelessness. The very thing we want to avoid in the
utmost.
IMO YMMV.
But if you think differently, then YOIW.

.

Relevant Pages

  • Re: Delimited String to Array
    ... The casting is not required, and neither is the parsing of the string ... to make explicit what the compiler does implicitly: ... new char array, then loading it with the first character of a string. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: pcl: is LIST the same as ?
    ... >'casting away const' (although most compilers seem to be in denial;) ... >Then, to modify the string, you're supposed to be very explicit about ... that the first creates a pointer to an unnamed char array (the string ... many compilers will, in the first case, relocate the string constant ...
    (comp.lang.lisp)
  • Re: new String ( byte[] , encoding ) under the hood
    ... >characters to make an immutable char array, the place to achieve savings ... I wonder if there could be some way to hand off a char array to be ... inserted in a string. ...
    (comp.lang.java.programmer)
  • Re: could anybody help me with this simple exercise?
    ... > -A palindrome is a string that is spelled the same way ... > Write a function that uses pointersto check if the input char array is ... have an appropriate newsgroups line in your header for your mail to be seen, ...
    (comp.lang.c.moderated)
  • Piano tech question
    ... I have a rather large dumpster I rented to get rid ... snap a string I could lose an arm. ... strings before I attempt to move the harp. ... Is there any danger? ...
    (rec.music.makers.piano)