Hey all,
After seeing the Secure version I/O functions thread, it occurred to me
that maybe not everyone agrees with the almost universal adage that I
have heard. I have always been told that using things like strlcpy and
other explicitly bounded functions were better than using the
non-bounded versions like strcpy.
Is this a matter of good programming style, or is this just needless overhead?
--
Aaron Hsu <ar*****@sacrideo.us> http://www.sacrideo.us
jacob navia said:
<snip>
Specifically, the human circuit is NOT able to NEVER make a mistake,
what computers ALWAYS DO. They NEVER make "mistakes", they always do
what they are told to do EXACTLY.
Not quite true. Hardware failures, cosmic rays, etc. But nevertheless
*almost* true.
This basic fact of software engineering is IGNORED by the "regulars"
here that always boast of their infallible powers.
Actually, I don't know of anyone here who claims to be infallible (except
perhaps in jest), let alone boasts about it. But you say the "regulars"
*always* boast of their infallible powers; if you are right, you will have
no trouble providing a reference to an article in which such a boast is
made.
--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999
On Wed, 27 Feb 2008 06:54:23 -0600, jacob navia wrote
(in article <fq**********@aioe.org>):
But why can't we make interfaces better?
We can. We do. You can create new interfaces independent of the std
library functions in many cases, or you can create "better" versions of
std library functions via wrappers to add safety features, or to
provide additional functionality. This has been done for ages. Open
source has to a certain degree wiped out the old commercial library
development market, but in either form, alternatives exist by the
bushel.
Why KEEP these OLD interfaces that have proven wrong over decades?
Because the legacy issue can't be gotten rid of just by snapping your
fingers. Billions (trillions?) of lines of C code are out there being
used. A lot of people love to reinvent wheels, but a lot more people
are still using the same wheels that were in use 20 years ago.
strncpy, gets, asctime, trigraphs, all that CRUFT?
You are free to not use them. Just because something exists, doesn't
mean you have to use it.
>Perhaps one reason why your posts are sometimes met with resistance is your seeming *insistence* that C (with your embellishments) is the *only* *viable* language for development. The fact is, no one language has yet managed to satisfactorily address all kinds of software development, and it's likely that that will not happen for a long time.
A simple language like C is much better than other "OO" ones.
Perhaps. The problem is, simple languages don't hold your hand. You
seem to want to take a simple language, then add features from other
languages, and pretend that it is still the simple language.
You have a compiler for this language of yours, which is based upon C,
but isn't C any longer. Why not simply come up with a new name for it,
publish a spec for it, and stop /pretending/ that it is C?
This would also allow you to eliminate all the cruft that you are
forced to carry around now, making your language "leaner and meaner",
and probably please you and perhaps others a great deal more than
whining constantly because the millions of existing C programmers don't
see it your way.
That would seem to make a lot of sense. Anyone that agrees with you
would adopt it immediately. Anyone that disagrees with you would
simply not use it. For some reason, that doesn't seem to make you
happy or you would have done so already.
A simple software like my IDE/Debugger that installs in 30 seconds is much
EASIER TO USE than C# with Visual Studio 2008 and 4GB of software!
I guess that theory that says "if you build a better mousetrap, the
world will beat a path to your door" isn't working out then? If this
was as much of a slam dunk as you claim, Microsoft would be out of the
compiler market. Clearly not everyone agrees with you.
--
Randy Howard (2reply remove FOOBAR)
"The power of accurate observation is called cynicism by those
who have not got it." - George Bernard Shaw
santosh wrote:
Aaron Hsu wrote:
>After seeing the Secure version I/O functions thread, it occurred to me that maybe not everyone agrees with the almost universal adage that I have heard. I have always been told that using things like strlcpy and other explicitly bounded functions were better than using the non-bounded versions like strcpy.
>Is this a matter of good programming style, or is this just needless overhead?
I personally don't consider strlcpy or strcpy_s of much of an
improvement over strcpy and similarly for the other functions.
You still need to get the length right, and if you do get it
right, then strcpy, strcat etc. are perfectly safe.
But if you get it wrong, strlcpy/cat etc. will tell you, and not
blow up your system. They will even often tell you by how much.
Their only problem is not being in the C std library.
--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home.att.net>
Try the download section.
--
Posted via a free Usenet account from http://www.teranews.com
Randy Howard wrote:
> .... snip ...
If someone knows of the magical programming language that makes
all of these issues go away, I would like to be told of it. If
there isn't one, then we'll have to continue to pick languages
based upon their appropriateness for a given task, and continue
to fix bugs.
s/all/most/
Pascal and Ada. :-)
--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home.att.net>
Try the download section.
Paul Hsieh wrote:
Aaron Hsu <arcf...@sacrideo.us> wrote:
>After seeing the Secure version I/O functions thread, it occurred to me that maybe not everyone agrees with the almost universal adage that I have heard. I have always been told that using things like strlcpy and other explicitly bounded functions were better than using the non-bounded versions like strcpy.
.... snip erroneous evaluation of strlcpy ...
>Is this a matter of good programming style, or is this just needless overhead?
It's a hack. It's not technically needed, and when it can be used
for its primary purpose its effects are partial. I don't think
the question of style or needless overhead enters into it. It's
more philosophical.
No, strlcpy and strlcat are much easier and more accurately used
than any combination of strcpy, strcat, strncpy, etc. They are a
part of the BSD system, and should be propagated into the standard
C library. You can see what they are, how they differ, and perform
your own accurate evaluation from strlcpy.zip available at:
<http://cbfalconer.home.att.net/download/>
--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home.att.net>
Try the download section.
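Added example, not code from the thread or from any of its posters: reference implementations with the BSD strlcpy/strlcat semantics that Chuck describes (always NUL-terminate, return the length that was needed so the caller can tell whether and by how much a copy was truncated), placed beside the strncpy pitfall they are meant to avoid. This is the kind of error-reporting wrapper Randy's post mentions as an alternative to the unbounded functions. The `my_` prefix is an assumption chosen to avoid clashing with a libc that already ships strlcpy.

```c
/* Added example: BSD-style strlcpy/strlcat versus strncpy's missing NUL.
 * Names prefixed "my_" (assumption) so they do not collide with libc. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst (size bytes). Always NUL-terminates when size > 0.
 * Returns strlen(src): a result >= size means the copy was truncated,
 * and the caller can compute by how much (strlen(src) - (size - 1)). */
size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Append src to dst (size bytes total). Returns the length the full
 * string would have had (strlen(dst) + strlen(src)); >= size means
 * truncation, and dst is still NUL-terminated. */
size_t my_strlcat(char *dst, const char *src, size_t size)
{
    size_t dstlen = 0;
    while (dstlen < size && dst[dstlen] != '\0')
        dstlen++;                      /* bounded scan: dst may lack a NUL */
    if (dstlen == size)
        return size + strlen(src);     /* dst not terminated within size */
    return dstlen + my_strlcpy(dst + dstlen, src, size - dstlen);
}

/* strncpy pads with NULs but does NOT terminate when src fills the
 * buffer. Returns 1 if buf ended up NUL-terminated, 0 if it did not. */
int strncpy_terminated(const char *src, char *buf, size_t size)
{
    strncpy(buf, src, size);
    return memchr(buf, '\0', size) != NULL;
}

/* Constructed demo: a 12-character string into an 8-byte buffer.
 * Returns 1 when my_strlcpy reports truncation (it does here, by 5). */
int demo(void)
{
    char buf[8];
    size_t need = my_strlcpy(buf, "Hello, world", sizeof buf);
    int truncated = need >= sizeof buf;
    printf("got \"%s\", needed %zu bytes, truncated=%d\n",
           buf, need + 1, truncated);
    return truncated;
}
```

The return value is the whole point: strcpy gives you nothing to check, strncpy gives you a pointer, and strlcpy gives you a number you can compare against the buffer size.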
On Wed, 27 Feb 2008 10:41:03 -0600, CBFalconer wrote
(in article <47************ ***@yahoo.com>):
santosh wrote:
>Aaron Hsu wrote:
>>After seeing the Secure version I/O functions thread, it occurred to me that maybe not everyone agrees with the almost universal adage that I have heard. I have always been told that using things like strlcpy and other explicitly bounded functions were better than using the non-bounded versions like strcpy.
Is this a matter of good programming style, or is this just needless overhead?
I personally don't consider strlcpy or strcpy_s of much of an improvement over strcpy and similarly for the other functions. You still need to get the length right, and if you do get it right, then strcpy, strcat etc. are perfectly safe.
But if you get it wrong, strlcpy/cat etc. will tell you, and not
blow up your system. They will even often tell you by how much.
Their only problem is not being in the C std library.
Not to mention having a name (starting with str) that is not to be used
if not in the standard. Apparently arguing about this only counts when
used by functions that folks don't think should be part of standard C,
because they get flagged over it, but for other functions, like
strlcpy() nobody seems to object.
--
Randy Howard (2reply remove FOOBAR)
"The power of accurate observation is called cynicism by those
who have not got it." - George Bernard Shaw
Randy Howard wrote:
On Wed, 27 Feb 2008 06:54:23 -0600, jacob navia wrote
(in article <fq**********@aioe.org>):
>But why can't we make interfaces better?
We can. We do. You can create new interfaces independent of the std
library functions in many cases, or you can create "better" versions of
std library functions via wrappers to add safety features, or to
provide additional functionality. This has been done for ages. Open
source has to a certain degree wiped out the old commercial library
development market, but in either form, alternatives exist by the
bushel.
Then, if all that is OK, why are you and the other people here
ranting when Microsoft proposes a standard about those "wrappers"?
All functions in the Microsoft proposal just add error checking to the
basic library functions.
>Why KEEP these OLD interfaces that have proven wrong over decades?
Because the legacy issue can't be gotten rid of just by snapping your
fingers. Billions (trillions?) of lines of C code are out there being
used. A lot of people love to reinvent wheels, but a lot more people
are still using the same wheels that were in use 20 years ago.
Yes. And they can go on doing that. Who cares? Nobody is
proposing to make all those functions (except the obviously
buggy ones like gets) obsolete instantaneously.
Why can't we use better interfaces for NEW code?
This is the central point of my argumentation. And it is repeated
a thousand times and you ignored it AGAIN.
>strncpy, gets, asctime, trigraphs, all that CRUFT?
You are free to not use them. Just because something exists, doesn't
mean you have to use it.
>>Perhaps one reason why your posts are sometimes met with resistance is your seeming *insistence* that C (with your embellishments) is the *only* *viable* language for development. The fact is, no one language has yet managed to satisfactorily address all kinds of software development, and it's likely that that will not happen for a long time.
A simple language like C is much better than other "OO" ones.
Perhaps. The problem is, simple languages don't hold your hand. You
seem to want to take a simple language, then add features from other
languages, and pretend that it is still the simple language.
Adding the changes that I proposed makes the language
***SMALLER***.
Why that?
Because instead of having complex numbers (as standardized in C99) or
decimal numbers or fixed point numbers ALL in the language, we can
use a SINGLE extension (operator overloading) to accommodate them ALL.
That means that the language gets smaller by including a general
feature that will allow it to have ANY kind of numbers.
With the SAME feature (operator overloading) it is possible to
transparently make a bounded arrays package and use it when debugging,
and without changing a line of code you can revert to the old arrays
in production.
For instance.
Other advantages of that single change are described in my proposal
available at: http://www.q-software-solutions.de/~jacob/proposal.pdf
You have a compiler for this language of yours, which is based upon C,
but isn't C any longer. Why not simply come up with a new name for it,
publish a spec for it, and stop /pretending/ that it is C?
It is one of the few C99 implementations under Windows. Done with
years of effort from my part. But here I have to hear from people
that never have done anything to promote standard C that "It is not C".
At least CB Falconer proposes his strlcpy or ggets packages.
What do YOU propose Mr Howard?
Just empty talk.
Easy isn't it?
[crap elided]
--
jacob navia
jacob at jacob point remcomp point fr
logiciels/informatique http://www.cs.virginia.edu/~lcc-win32
Aaron Hsu wrote:
Hey all,
After seeing the Secure version I/O functions thread, it occurred to me
that maybe not everyone agrees with the almost universal adage that I
have heard. I have always been told that using things like strlcpy and
other explicitly bounded functions were better than using the
non-bounded versions like strcpy.
Is this a matter of good programming style, or is this just needless overhead?
In my opinion, this depends entirely upon two things:
1) The competency of the programmer
2) The programmer's view of their own competency
For instance, I myself have high confidence in my own programming and
so I feel comfortable playing around with pointers. I don't have a
need for bounds checking, so any overhead introduced by bounds
checking would seem unacceptable to me.
In debug mode though, I usually have all the warnings and safeguards
cranked through the roof.
On Feb 27, 12:25 pm, Randy Howard <randyhow...@FOOverizonBAR.net>
wrote:
On Wed, 27 Feb 2008 12:13:53 -0600, jacob navia wrote
(in article <fq4995$8f...@aioe.org>):
Randy Howard wrote:
On Wed, 27 Feb 2008 06:54:23 -0600, jacob navia wrote
(in article <fq3mi2$1j...@aioe.org>):
>But why can't we make interfaces better?
We can. We do. You can create new interfaces independent of the std
library functions in many cases, or you can create "better" versions of
std library functions via wrappers to add safety features, or to
provide additional functionality. This has been done for ages. Open
source has to a certain degree wiped out the old commercial library
development market, but in either form, alternatives exist by the
bushel.
Then, if all that is OK, why are you and the other people here
ranting when Microsoft proposes a standard about those "wrappers"?
When did I rant about a Microsoft proposal? A simple link will do.
All functions in the Microsoft proposal just add error checking to the
basic library functions.
Then why not just introduce them as an open source library that
provides these wrappers? If they wanted them to be widely adopted and
quickly, this would be out there. Where can this library be
downloaded?
Good one!