Recently a newbie asked a question about formatting numbers into strings in C, and then I received an offline mail about my answer (this message was from some other chucklehead, not the original newbie, who seemed to appreciate my answer)…. The idiot was trying to tell me to only use snprintf “where it was necessary” (and use sprintf elsewhere), while I was arguing that using all the time was good practice and “safer” (if programmers were so good at seeing their own buffer overflows all the time Bugtraq wouldn’t be so necessary)… This joker simply wouldn’t even entertain the thought that the negligible performance penalty was worth it…
To me, while I recognize that sometimes “you know” that your buffer is large enough, but it seems to me that as soon as “you know” this is true, someone will come along and modify your code just enough to make it untrue… To me, good practice means doing your best to make sure your code is maintainable through the annals of time… Of course, I am probably pretty anal about this (since I seem to be the only person who advocates putting braces around one-line if blocks)…
Bitch off…
Update: I am glad to see so many other people do one-line conditionals the “right” way… =)
I thought _I_ was the only one who put braces around one-line conditionals!
http://www.courtesan.com/todd/papers/strlcpy.html
Unfortunately, the above does not appear to exist under Windows (as part of the default C library, anyway).
“The proposed replacement functions, strlcpy() and strlcat(), address these problems by presenting an API designed for safe string copies (see Figure 1 for function prototypes.”
Of course it’s not part of MSVC… Besides, if you really wanted to use them, it’s really not much work to write your own implementation, even if you did it in x86 asm for the speed.
The MSVC issue is relevant because (I assumed) that Windows is‘s reference platform the this conversation.
Granted, all one has to do is borrow the strl[cpy,cat].c implementations from OpenBSD and include them in your Windows project. The rsync distribution does this.
Actually, the newbie was running BeOS, but I do much of my work at work under Windows…. Unfortunately, though, this work is using the mozilla framework, and NSPR doesn’t have analogues of strl[cpy,cat]…
Windows, itself, though, has the functions StrCpyN as an analogue of strlcpy, but as far as I can tell there is no simple analogue of strlcat… What I would do to get around this in windows, though, would be to use snprintf(…,”%s%s”,…); in it’s substitute…
(note: snprintf is actually _snprintf in win32)
but as far as I can tell there is no simple analogue of strlcat…
Of course, someone reading the instructions would just choose Win32’s strncat functions.
=)
Of course it’s not part of MSVC…
Why do you say that?
Ooh… Neat!
I’m glad to see I’m not the only freak of nature who puts braces around one-line if’s.
I like the braces on the one line IF’s too… Then again I make up for it by using the ternary ?: sometimes…
One-line if blocks…
I’m all about the braces on one-line
ifblocks. It smooths manymaintenance headaches.
For a more stringent approach to
coding: see this article.
Re: One-line if blocks…
I remember reading that article a while back, either you sent it to me or to noise… I am not sure what I think of it, in fact i have a difficult time figuring out whether it is satire or someone’s actual practice… =)
Re: One-line if blocks…
I share that feeling too.
I always put braces around one-line conditionals… i also tend to use too many parentheses, just to be sure that the code is doing what I want it to. ;)
The first few pages of O’Reilly’s “Practical C++ Programming” had a quote that has stuck with me for many years:
C++ Order of Operations:
1) Multiplication and Division before Addition and Subtraction
2) Put Parentheses around everything else
I think that sums it up pretty nicely… =)
Ditto.
Just use Python for everything and don’t worry about braces and low-level string operations. =)
Hmmm… There are XPCOM bindings for Python…. =)