View mode: basic / threaded / horizontal-split · Log in · Help
October 04, 2012
Re: Idea: Introduce zero-terminated string specifier
On Wed, 03 Oct 2012 08:37:14 -0400, Regan Heath <regan@netmail.co.nz>  
wrote:

> On Tue, 02 Oct 2012 21:44:11 +0100, Steven Schveighoffer  
> <schveiguy@yahoo.com> wrote:
>> In fact, a better solution would be to define a C string type (other  
>> than char *), and just pretend those system calls return that.  Then  
>> support that C string type in writef.
>>
>> -Steve
>
> :D
> http://comments.gmane.org/gmane.comp.lang.d.general/97793
>

Almost what I was thinking.

:)

Though, at that point, I don't think we need a special specifier for  
writef.  %s works.

However, looking at the vast reach of these changes, I wonder if it's  
worth it.  That's a lot of prototypes to C functions that have to change,  
and a large compiler change (treating string literals as CString instead  
of char *), just so C strings print out with writef.  Not to mention code  
that will certainly break...

-Steve
October 04, 2012
Re: Idea: Introduce zero-terminated string specifier
On Tuesday, 2 October 2012 at 13:07:46 UTC, deadalnix wrote:
> Le 01/10/2012 22:33, Vladimir Panteleev a écrit :
>> On Monday, 1 October 2012 at 12:12:52 UTC, deadalnix wrote:
>>> Le 01/10/2012 13:29, Vladimir Panteleev a écrit :
>>>> On Monday, 1 October 2012 at 10:56:36 UTC, deadalnix wrote:
>>>>> How does to!string know that the string is 0 terminated ?
>>>>
>>>> By convention (it doesn't).
>>>
>>> It is unsafe as hell oO
>>
>> Forcing the programmer to put strlen calls everywhere in his 
>> code is not
>> any safer.
>
> I make the library safer. If the programmer manipulate unsafe 
> construct (like c strings) it is up to the programmer to ensure 
> safety, not the lib.

Thrusting the programmer is what brought upon us the wrath of 
security exploits via buffer overflows.

--
Paulo
October 04, 2012
Re: Idea: Introduce zero-terminated string specifier
On Thu, 04 Oct 2012 01:05:14 +0100, Steven Schveighoffer  
<schveiguy@yahoo.com> wrote:

> On Wed, 03 Oct 2012 08:37:14 -0400, Regan Heath <regan@netmail.co.nz>  
> wrote:
>
>> On Tue, 02 Oct 2012 21:44:11 +0100, Steven Schveighoffer  
>> <schveiguy@yahoo.com> wrote:
>>> In fact, a better solution would be to define a C string type (other  
>>> than char *), and just pretend those system calls return that.  Then  
>>> support that C string type in writef.
>>>
>>> -Steve
>>
>> :D
>> http://comments.gmane.org/gmane.comp.lang.d.general/97793
>>
>
> Almost what I was thinking.
>
> :)
>
> Though, at that point, I don't think we need a special specifier for  
> writef.  %s works.

True.

> However, looking at the vast reach of these changes, I wonder if it's  
> worth it.  That's a lot of prototypes to C functions that have to  
> change, and a large compiler change (treating string literals as CString  
> instead of char *), just so C strings print out with writef.

That's not the only motivation.  The change brings more type safety in  
general and should help to catch bugs, like for example the common one  
made by people just starting out with D (from a C/C++ background).

> Not to mention code that will certainly break...

Some code will definitely stop compiling, but it's debatable as to whether  
this code is not already "broken" to some degree.. it's likely not as  
safe/robust as it could be.

R

-- 
Using Opera's revolutionary email client: http://www.opera.com/mail/
Next ›   Last »
2 3 4 5 6
Top | Discussion index | About this forum | D home