Path: ccsf.homeunix.org!ccsf.homeunix.org!news1.wakwak.com!nf1.xephion.ne.jp!onion.ish.org!onodera-news!newsfeed.media.kyoto-u.ac.jp!news1.optus.net.au!optus!spool01.syd.optusnet.com.au!spool.optusnet.com.au!not-for-mail Newsgroups: japan.anime.evangelion Subject: Re: Which programming languages in NGE? From: David Scarlett References: <3d2175ea$0$21000$afc38c87@news.optusnet.com.au> User-Agent: Xnews/5.04.25 X-Flame-Protection: Asbestos X-Face: &W%Fw{i)Ds>-#J`>te=fUe7<:|/D<7. NNTP-Posting-Host: 210.49.187.136 X-Trace: 1025621039 21000 210.49.187.136 Xref: ccsf.homeunix.org japan.anime.evangelion:548 Rudolf Polzer wrote in news:slrnai33df.j5h.AntiATField_adsgohere@www42.durchnull.de: > C is undergoing too many changes. Three widely used standards. Eh? The majority use C90, with a minority using C99.... What's the third? > That's what someone in de.comp.security.misc wrote (I hope you see > the mistake): > >| char *ptr = malloc (strlen(source)); >| if (!ptr) exit (EXIT_FAILURE); >| strcpy (ptr,source); >| /* Wer das nicht kann, sollte IMHO gar nicht C programmieren. >| */ > (If you can't do this, you shouldn't use C) Should be "malloc(strlen(source)+1)" and that conditional should be "if (ptr == NULL)". It's not guaranteed that NULL pointers will be represented the same as a 0. ;-) > It happens just too easily because C does not have a string > datatype that does these things for you. > > A simple > > #define stralloc(N) calloc ((N) + 1, 1) > > (when using calloc, the string returned has zero length, so other > mistakes are avoided) > > and this mistake would have gone. Why isn't that in ? I really don't see much use for it... You call always use calloc yourself without a macro, or make sure your string isn't printed before something meaningfull is put in it, or even just declare it as an array (with the length specified in the code) and limit how much you put into it.... > Then there are no variable-length arrays on the stack. You cannot > write > > void f (unsigned int n) > { > char a[n]; > /* ... */ > } IIRC this was added to C99..... > Having to use malloc all the time is memory-leak-prone, especially > because there is no better exception handling than atexit() and > longjmp(). This would be another good thing for C: Well remember C was designed to write Unix in.... It's not meant to be a very high level language, more of a portable assembly language... > And gets() is not the only such function. sprintf, *scanf etc. are > just as dangerous and especially for sprintf there is no safe ANSI > C replacement How is sprintf dangerous? You know the length of the string you're printing before the variables have been inserted, and you can control the length each variable is displayed to..... > Another flaw is that 'unsigned' is a longer word than 'int', > therefore many programmers use signed integers where unsigned ones > are correct. Turbo Pascal did this right, 'integer' was longer > than 'word'... LOL. Now they're just being lazy. :D -- David Scarlett Remove entryplug to reply via email.