- Path: lyra.csx.cam.ac.uk!news
- From: gdr11@cl.cam.ac.uk (Gareth Rees)
- Newsgroups: comp.lang.c
- Subject: Re: ANSI C and POSIX (was Re: C/C++ knocks the crap out of Ada)
- Date: 11 Apr 1996 15:34:27 +0100
- Organization: Cambridge University Computer Lab
- Message-ID: <yxspw9eommk.fsf@stint.cl.cam.ac.uk>
- References: <JSA.96Feb16135027@organon.com> <dewar.828936837@schonberg>
- <4kb2j8$an0@solutions.solon.com> <dewar.829011320@schonberg>
- <4kcsnsINNgkb@keats.ugrad.cs.ubc.ca> <dewar.829051685@schonberg>
- <829066525snz@genesis.demon.co.uk> <dewar.829096975@schonberg>
- NNTP-Posting-Host: stint.cl.cam.ac.uk
- X-Newsreader: Gnus v5.0.15
-
- Robert Dewar <dewar@cs.nyu.edu> wrote:
- > Highly imprecise thinking here I fear. There is no practical way for
- > any implementation to do the check you mention (this = value in 3rd
- > argument that is greater than the available buffer size).
-
- But the *programmer* can do the check while writing the program! The
- programmer must have declared or allocated a buffer of some size.
- Consider: if I wrote code like
-
- #include <stdio.h>
-
- int main () {
-     char buf[80];
-     /* Input lines are always 78 characters or less, so the limit of
-        100 can never cause a buffer overflow */
-     while (fgets(buf,100,stdin))
-         puts(buf);
-     return 0;
- }
-
- you would quite rightly point out that this is gratuitously broken and
- that it would cost me nothing (and gain a lot) to change `100' to `80'.
- It's the same with the buffer size in `read'. Why make the byte count
- larger than the buffer size when you don't have to?
-
- --
- Gareth Rees
-
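The fix the post argues for, written out as an added example that is not part of the original message: the limit passed to `fgets` and the byte count passed to `read` are both derived from the buffer's actual size. The function names `copy_lines` and `read_bounded` are hypothetical, chosen for this illustration.

```c
/* Added example (not from the original post): every read is bounded by
   the real size of the destination buffer. Function names are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Copy `in` to `out`. The limit is sizeof buf, so it always matches the
   declaration; a line longer than the buffer simply arrives in several
   chunks instead of overflowing. Returns the number of chunks copied. */
size_t copy_lines(FILE *in, FILE *out)
{
    char buf[80];
    size_t chunks = 0;

    while (fgets(buf, sizeof buf, in)) {
        fputs(buf, out);   /* fputs, unlike puts, appends no extra newline */
        chunks++;
    }
    return chunks;
}

/* The same rule for read(): never request more bytes than the buffer
   holds, and keep one byte back for the terminator, because read() does
   not add one. Returns the number of bytes stored, or -1 on error. */
ssize_t read_bounded(int fd, char *buf, size_t bufsize)
{
    ssize_t n;

    if (bufsize == 0)
        return -1;
    n = read(fd, buf, bufsize - 1);
    if (n >= 0)
        buf[n] = '\0';
    return n;
}

int main(void)
{
    copy_lines(stdin, stdout);
    return 0;
}
```

With the limit tied to `sizeof buf`, the assumption that input lines are at most 78 characters no longer matters for memory safety: an oversized line is split, not written past the end of the array.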