From: David Kelly
To: FreeBSD-Questions@FreeBSD.org
Date: Mon, 19 Oct 2009 08:58:05 -0500
Subject: Re: need C help, passing char buffer[] by-value....

On Mon, Oct 19, 2009 at 05:43:44AM +0200, Polytropon wrote:
> On Sun, 18 Oct 2009 22:23:43 -0500, David Kelly wrote:
> > When not using a count to indicate how much data is in a char* you
> > should always test for null. Testing for null is not a sure-fire way
> > to prevent buffer overruns but it's better than nothing.
>
> There are means like
>
>     #include <assert.h>
>     ...
>     assert(s);
>
> to make sure s is not NULL, or testing for it explicitly like
>
>     if(!s)
>         ... error handling here ...

You are missing my point that *s == 0 is not a good out of bounds range
check.

> is possible. Furthermore, it is a proven way to give a length
> argument along with the (char *) argument, such as the "new"
> l-functions for strings, e. g. strlcat() and strlcpy(), do.
>
>     char *skiptags(char *s, int l);
>
> You can even double-check for l being != 0. Or you employ a
> test with strlen() function-internally.

strlen() knows nothing about the buffer allocation. As I originally
said, testing for null (and my example tested) is not foolproof but it's
better than nothing. One should *also* test for the known end of the
allocated buffer.

--
David Kelly N4HHE, dkelly@HiWAAY.net
========================================================================
Whom computers would destroy, they must first drive mad.
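
The distinction drawn in this message, as an added example that is not part of the original post or thread: a scan that checks for the terminator only inside the known allocation, instead of trusting `*s == 0` or strlen(). The name `skiptags_bounded`, its `size_t` length parameter and its assumed behaviour (skip leading `<...>` tags) are hypothetical; the thread only shows the prototype `char *skiptags(char *s, int l);`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical bounded variant of the skiptags() prototype quoted above.
 * Assumed behaviour: skip every leading "<...>" tag and return a pointer
 * to the first character after them. `len` is the size of the allocation
 * behind `buf`, not the string length.
 * Returns NULL for bad arguments, for a buffer with no terminator inside
 * its allocation, or for a tag that is never closed.
 */
const char *skiptags_bounded(const char *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return NULL;

    /* Bounded replacement for strlen(): never reads past buf + len. */
    const char *nul = memchr(buf, '\0', len);
    if (nul == NULL)
        return NULL;            /* unterminated: the *s == 0 test alone
                                   would have walked off the buffer */

    const char *p = buf;
    while (*p == '<') {         /* safe: p never goes past nul */
        const char *gt = memchr(p, '>', (size_t)(nul - p));
        if (gt == NULL)
            return NULL;        /* tag still open at the terminator */
        p = gt + 1;
    }
    return p;
}

int main(void)
{
    char ok[] = "<b><i>text";           /* constructed sample input */
    char raw[4] = { '<', 'b', '>', 'x' }; /* constructed: no terminator */

    const char *r = skiptags_bounded(ok, sizeof ok);
    printf("terminated:   %s\n", r ? r : "(rejected)");
    r = skiptags_bounded(raw, sizeof raw);
    printf("unterminated: %s\n", r ? r : "(rejected)");
    return 0;
}
```
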