On Fri, 17 Dec 2004 22:23:07 -0500 Frederick Heckel <[EMAIL PROTECTED]>
babbled:

> On Sat, 18 Dec 2004 09:58:19 +0900 Carsten Haitzler (The Rasterman)
> <[EMAIL PROTECTED]> claimed:
> > thanks kim :) couldn't have said it better :) as an addition - beware
> > of the notion that just because you go use strncmp (or some strn
> > function) doesn't suddenly make your code safe. it's a notion the very
> > inexperienced get if they just go read some book or advice column
> > saying they should use strn... the only way to do this is sit back and
> > THINK of the input, output and possible errors and cover them in the
> > code. that always requires sitting and thinking about it:) so just
> > beware. it's not a fix. it's a pitfall of making you THINK you're safe
> > when you really are no safer than before.
>
> It's true that you can write bad and unsafe code with any set of
> functions, and doing something like using the strn set rather than the
> str functions doesn't automatically make code safe. That doesn't
> invalidate the value of using strn functions and keeping careful track
> of your buffer sizes. Don't get me wrong, I'm sure all the major
> developers know the size of the buffers they're using, and probably will
> not overflow them, but when you've got code that a potentially very
> large pool of people will modify-- as either part of the development
> cycle for e, or as code reuse in a separate project, or a fork of one of
> the e projects-- it really just seems like a better idea to be explicit
> about it.

yes - but the solution is not (in this case) strn but fixing the problem
upstream - ie blindly using string pointers without checking them :) or for that
matter passing in invalid ones (ie NULL may be invalid for that function). :)

-- 
------------- Codito, ergo sum - "I code, therefore I am" --------------
The Rasterman (Carsten Haitzler)    [EMAIL PROTECTED]
裸好多                              [EMAIL PROTECTED]
Tokyo, Japan (東京 日本)
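
The point argued in this thread, as an added C example (not code from the thread or from the Enlightenment tree; every function name here is hypothetical): swapping in strncmp leaves a NULL argument, a zero bound and a prefix-only match unhandled, while checking the inputs first covers all three. It assumes `want` is a trusted NUL-terminated string and `max` is the size of the buffer behind `name`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* "Hardened" only by swapping strcmp for strncmp. The length bound does
 * nothing for a NULL argument, which is still dereferenced (undefined
 * behaviour, typically a crash). A bound of 0 compares nothing and
 * reports "equal"; a bound <= strlen(want) is only a prefix match. */
static int name_matches_strn(const char *name, const char *want, size_t max)
{
    return strncmp(name, want, max) == 0;
}

/* Tri-state result so the caller has to handle invalid input explicitly. */
enum match { MATCH_INVALID = -1, MATCH_NO = 0, MATCH_YES = 1 };

/* Think about the inputs first, then compare.
 * Assumption: want is a trusted NUL-terminated string; name points to a
 * buffer of at least max bytes that may lack a terminator. */
static enum match name_matches_checked(const char *name, const char *want,
                                       size_t max)
{
    if (name == NULL || want == NULL || max == 0)
        return MATCH_INVALID;
    /* The bound must cover want's terminator, otherwise "border_big"
     * would be accepted as "border". */
    if (strlen(want) >= max)
        return MATCH_INVALID;
    /* Reads at most strlen(want) + 1 <= max bytes of name. */
    return strncmp(name, want, max) == 0 ? MATCH_YES : MATCH_NO;
}

int main(void)
{
    /* Constructed sample inputs. */
    printf("strn,    bound 0:      %d\n", name_matches_strn("x", "y", 0));
    printf("strn,    prefix bound: %d\n",
           name_matches_strn("border_big", "border", 6));
    printf("checked, NULL name:    %d\n",
           name_matches_checked(NULL, "border", 16));
    printf("checked, prefix bound: %d\n",
           name_matches_checked("border_big", "border", 6));
    printf("checked, exact match:  %d\n",
           name_matches_checked("border", "border", 16));
    return 0;
}
```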