hi all,
i am writing a code in which i have a char buffer "cwdir[]"
which hold the current working directory by calling the function
getcwd(). later i change the directory to "/" as i have to make my
code Deamon. and later again i want to run some other executable
available at the path holded by the "cwdir[]" using the system()
system call. presently i concatenate program name (to be executed) to
the "cwdir[]" and use system(chdir)to run the program.
do we have any facility to automate this process as i need to run
many other programs also using the system() system call for ex as we
can use the ## symbol to cancatenate in macro ...
--shri
Nov 14 '05
37 8548
In <x7************ @bolo.xenadyne. com> Sean Burke <fo****@mystery .org> writes: Since you mention security (e.g. buffer overflows), it's worth adding that strcpy, strcat have long since been deprecated in favor of strlcpy, strlcat.
On the contrary, any C program using these identifiers with external
linkage invokes undefined behaviour.
Whoever wanted to improve upon strcpy and friends should have had enough
clues to avoid identifiers belonging to the implementation name space.
lstrcpy() and lstrcat() would have been ideal names for this purpose.
Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de Da*****@cern.ch (Dan Pop) writes: In <x7************ @bolo.xenadyne. com> Sean Burke <fo****@mystery .org> writes:
Since you mention security (e.g. buffer overflows), it's worth adding that strcpy, strcat have long since been deprecated in favor of strlcpy, strlcat.
On the contrary, any C program using these identifiers with external linkage invokes undefined behaviour.
Maybe Mr. Burke misspelled "strncpy" and "strncat", mentioned in
ISO/IEC 9899:1999 under 7.21.2.4 and 7.21.3.2 ? Their prototypes (in
<string.h>) are
char *strncpy(char * restrict, const char * restrict, size_t);
char *strncat(char * restrict, const char * restrict, size_t);
--
Maurizio Loreti http://www.pd.infn.it/~loreti/mlo.html
Dept. of Physics, Univ. of Padova, Italy ROT13: yb****@cq.vasa. vg
Maurizio Loreti <ml*@foobar.i t> writes: Da*****@cern.ch (Dan Pop) writes:
In <x7************ @bolo.xenadyne. com> Sean Burke <fo****@mystery .org> writes:
>Since you mention security (e.g. buffer overflows), >it's worth adding that strcpy, strcat have long since >been deprecated in favor of strlcpy, strlcat.
On the contrary, any C program using these identifiers with external linkage invokes undefined behaviour.
Maybe Mr. Burke misspelled "strncpy" and "strncat", mentioned in ISO/IEC 9899:1999 under 7.21.2.4 and 7.21.3.2 ? Their prototypes (in <string.h>) are
char *strncpy(char * restrict, const char * restrict, size_t); char *strncat(char * restrict, const char * restrict, size_t);
Maybe he meant those, but the non-standard strl* variants are more
useful. The return values from the standard str* functions are
utterly useless, since you already knew the value. Returning the
number bytes copied is much more useful. BTW, str*cat should be used
sparingly. In most cases you have, or can easily get (cheaper than
scanning), a pointer to the end of the destination string.
--
Måns Rullgård mr*@kth.se
Maurizio Loreti <ml*@foobar.i t> writes: Da*****@cern.ch (Dan Pop) writes:
In <x7************ @bolo.xenadyne. com> Sean Burke <fo****@mystery .org> writes:
Since you mention security (e.g. buffer overflows), it's worth adding that strcpy, strcat have long since been deprecated in favor of strlcpy, strlcat.
On the contrary, any C program using these identifiers with external linkage invokes undefined behaviour.
Maybe Mr. Burke misspelled "strncpy" and "strncat", mentioned in ISO/IEC 9899:1999 under 7.21.2.4 and 7.21.3.2 ? Their prototypes (in <string.h>) are
char *strncpy(char * restrict, const char * restrict, size_t); char *strncat(char * restrict, const char * restrict, size_t);
No, I meant strlcpy/strlcat, and I find them to be better
than the strn* calls. I'm astonished to learn that they
aren't yet standardised.
-SEan rl*@hoekstra-uitgeverij.nl (Richard Bos) writes: Walter Briscoe <wb******@ponle .demon.co.uk> wrote:
In message <40************ ***@news.indivi dual.net> of Fri, 13 Feb 2004 08:06:19 in comp.std.c, Richard Bos <rl*@hoekstra-uitgeverij.nl> writesSean Burke <fo****@mystery .org> wrote:
> Since you mention security (e.g. buffer overflows), > it's worth adding that strcpy, strcat have long since > been deprecated in favor of strlcpy, strlcat.
Not in ISO C, they haven't. Maybe in POSIX.
Neither there! (http://www.opengroup.org/onlinepubs/.../string.h.html)
They ARE documented at http://www.courtesan.com/todd/papers/strlcpy.html
My summary of that is size_t strlcpy(char *dst, const char *src, size_t size); Copy a string of up to size-1 bytes from src to dst. Return strlen(src).
size_t strlcat(char *dst, const char *src, size_t size); Concatenate bytes from src to dst to form a string with strlen(dst) < size. Return strlen(dst) /* before concatenation */ + strlen(src).
The functions allow buffer overflow elimination.
Nice, meaningless statement; so does strncat(), and so does using strlen() and inserting a '\0' at the right place before using strcpy().
Have the functions been submitted for C standardisation ?
No. Might be a nice addition, but I wouldn't describe them as vital. Mind you, I won't complain if they _are_ added to C20XX.
Don't tell me that snprintf, vsnprintf() are also nonstandard?
-SEan
Sean Burke wrote:
.... Don't tell me that snprintf, vsnprintf() are also nonstandard?
No: see sections 7.19.6.5 and 7.19.6.12.
In article <c0**********@s unnews.cern.ch> , Da*****@cern.ch (Dan Pop) writes: In <x7************ @bolo.xenadyne. com> Sean Burke <fo****@mystery .org> writes:
Since you mention security (e.g. buffer overflows), it's worth adding that strcpy, strcat have long since been deprecated in favor of strlcpy, strlcat.
On the contrary, any C program using these identifiers with external linkage invokes undefined behaviour.
Whoever wanted to improve upon strcpy and friends should have had enough clues to avoid identifiers belonging to the implementation name space.
Presumably in at least some cases they could be provided by the
implementation, and in such a case programs using them would not
invoke UB, correct? This could potentially raise some tricky
questions about what is and what is not part of the implementation, I
suppose.
That said, I agree with the general point. An implementor has reason
to use a reserved identifier for a new function (it won't break
existing conforming code), but no one else does. I suppose someone
could argue that Miller and de Raadt were implementors when they
invented strlcpy and strlcat and added them to OpenBSD, since AFAICT
they added them directly to the standard library there, but their
choice of identifiers means non-implementors have to rename their
functions when porting them to other implementations .
--
Michael Wojcik mi************@ microfocus.com
Pocket #9: A complete "artificial glen" with rocks, and artificial moon,
and forester's station. Excellent for achieving the effect of the
sublime without going out-of-doors. -- Joe Green
On Fri, 13 Feb 2004 10:19:47 +0000, Walter Briscoe wrote: They ARE documented at http://www.courtesan.com/todd/papers/strlcpy.html
My summary of that is size_t strlcpy(char *dst, const char *src, size_t size); Copy a string of up to size-1 bytes from src to dst. Return strlen(src).
size_t strlcat(char *dst, const char *src, size_t size); Concatenate bytes from src to dst to form a string with strlen(dst) < size. Return strlen(dst) /* before concatenation */ + strlen(src).
All the documentation, including the above, is laughable compared to
normal std. C text. Which is probably why there are a couple of different
implementations and the two major non OpenBSD implementations are
_documented_ to act differently than the OpenBSD versions do.
The functions allow buffer overflow elimination. For a pathological case given, strlcpy is slightly slower than strcpy and much faster than strncpy because strncpy pads with nul bytes.
IMO they are even more worthless than asprintf(), they are documented
to act differently on different platforms and (unlike asprintf() you can
still cause security issues due to truncation of data).
The authors added them to OpenBSD in 1996 and report their approval for a future Solaris version in their undated paper. Source code is said to be available at ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string
The "undated" paper has references to papers published in 1998, and says:
"The strlcpy() and strlcat() functions first appeared in OpenBSD 2.4."
....which dates them between May 19, and December 1, 1998. People
_started_ to hear of them after the 1999 Usenix when the paper... http://www.usenix.org/events/usenix9...rt/millert.pdf
....was presented, which even then as way too late for C99 ... and I don't
remember hearing about them until 2000 (which was after the last std. was
released).
--
James Antill -- ja***@and.org
Need an efficient and powerful string library for C? http://www.and.org/vstr/
On Fri, 13 Feb 2004 17:12:51 +0000, Sean Burke wrote: No, I meant strlcpy/strlcat, and I find them to be better than the strn* calls. I'm astonished to learn that they aren't yet standardised.
Not only are they not in std. C, they aren't available at all on any
of the major Linux variants. They also are/were implemented subtly
differently on Solaris.
You probably also want to read: http://www.and.org/vstr/security.html#alloc
--
James Antill -- ja***@and.org
Need an efficient and powerful string library for C? http://www.and.org/vstr/
James Antill <ja***********@ and.org> writes: Not only are they not in std. C, they aren't available at all on any of the major Linux variants. They also are/were implemented subtly differently on Solaris.
They weren't implemented subtly different on Solaris; our implementation
is a straightforward clone from the original OpenBSD version and behaves
exactly the same.
You may be confused with "snprintf() " where Solaris originally
implemented it differently for "n = 0"; UNIX98 standardized
snprintf that it should return a value <= 0 for n = 0 and we're
a bit of a stickler for standards.
UNIX03 fixes that, fortunately, so the Solaris release will
have an snprintf which allows you to call it as follows:
size_t len = snprintf(0, NULL, .....);
to compute the length needed (note that snprintf can return
"-1" and set errno to EILSEQ.
Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Jonas Galvez |
last post by:
Is it true that joining the string elements of a list is faster than
concatenating them via the '+' operator?
"".join()
vs
'a'+'b'+'c'
If so, can anyone explain why?
|
by: hagai26 |
last post by:
I am looking for the best and efficient way to replace the first word
in a str, like this:
"aa to become" -> "/aa/ to become"
I know I can use spilt and than join them
but I can also use regular expressions
and I sure there is a lot ways, but I need realy efficient one
|
by: John Ford |
last post by:
For simple string concatenation, is there a difference between...
Dim s As String
s += "add this to string"
....and...
Dim s As String
s = String.Concat(s, "add this to string")
|
by: Justin M. Keyes |
last post by:
Hi,
Please read carefully before assuming that this is the same old
question about string concatenation in C#!
It is well-known that the following concatenation produces multiple
immutable String objects for each statement:
String a = "a";
a += "b";
|
by: Mark A. Sam |
last post by:
Hello,
I am having a problem with imputting into a string variable:
Dim strSQL As String = "INSERT INTO tblContactForm1 (txtName, txtCompany,
txtPhone, txtEmail, txtComment, chkGrower, chkProduceDealer,
txtOtherCustType, chkStandardBags, chkCustomBags,txtOtherBags) " + _
"VALUES ('" + txtName.Text + "','" + txtCompany.Text + "','" + txtPhone.Text
+ "','" + txtEmail.Text + "','" + txtComment.Text + "','" +
| |
by: genc_ymeri |
last post by:
Hi over there,
Propably this subject is discussed over and over several times. I did google
it too but I was a little bit surprised what I read on internet when it
comes 'when to use what'.
Most of articles I read from different experts and programmers tell me that
their "gut feelings" for using stringBuilder instead of string concatenation
is when the number of string concatunation is more then N ( N varies between
3 to max 15 from...
|
by: Richard Lewis Haggard |
last post by:
I thought that the whole point of StringBuilder was that it was supposed to
be a faster way of building strings than string. However, I just put
together a simple little application to do a comparative analysis between
the two and, surprisingly, string seems to out perform StringBuilder by a
significant amount. A string concatenation takes not quite twice as long
using StringBuilder than it does with a string. This doesn't sound right to...
|
by: Larry Hastings |
last post by:
This is such a long posting that I've broken it out into sections.
Note that while developing this patch I discovered a Subtle Bug
in CPython, which I have discussed in its own section below.
____________
THE OVERVIEW
I don't remember where I picked it up, but I remember reading years
ago that the simple, obvious Python approach for string concatenation:
x = "a" + "b"
|
by: =?Utf-8?B?RWxlbmE=?= |
last post by:
I am surprised to discover that c# automatically converts an integer to a
string when concatenating with the "+" operator. I thought c# was supposed
to be very strict about types. Doesn't it seem like c# is breaking its own
rules?
This works:
int b = 32;
string a = "ABC " + b;
Result: a = "ABC 32"
|
by: raylopez99 |
last post by:
StringBuilder better and faster than string for adding many strings.
Look at the below. It's amazing how much faster StringBuilder is than
string.
The last loop below is telling: for adding 200000 strings of 8 char
each, string took over 25 minutes while StringBuilder took 40
milliseconds!
Can anybody explain such a radical difference?
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |