What happens if you pass a source length greater than the actual string length?

re: What happens if you pass a source length greater than the actual string length?

AndyB — Wed, 26 Sep 2007 15:17:02 GMT

Dagwood, C was foisted upon us by the folks at MS, not Scott McNealy. Scott foisted Java upon us, though I concur that Java and C are practically the same thing.

I think I may have misplaced a # character in there somewhere though :-)

re: What happens if you pass a source length greater than the actual string length?

John Hensley — Mon, 24 Sep 2007 03:39:26 GMT

C wasn't "foisted" on anyone, and certainly not by Sun. Programmers took it up willingly.

If it isn't Unicode, it isn't ANY code!

Sorting It All Out — Sun, 23 Sep 2007 12:51:57 GMT

Raymond makes a good point in What happens if you pass a source length greater than the actual string

re: What happens if you pass a source length greater than the actual string length?

Dagwood — Sun, 23 Sep 2007 00:03:00 GMT

This entire scenario and discusion supports my contention that when C was foisted on us by Scott McNeely, et al in the 80's it was a very tragic day for IT.

re: What happens if you pass a source length greater than the actual string length?

IgorD — Sat, 22 Sep 2007 01:49:11 GMT

This post brought tears to my eyes.

Few weeks ago I found a bug that "sometimes" crashed my application.

The code (simplified ) at first went something like this:

void DrawingFunction (..., char *someText)

{

int len = strlen (someText);

DrawText (hdc, someText, len, txtRect, DT_LEFT | ...);

}

and everything was fine, but at some point I changed it to this:

void DrawingFunction (..., char *someText)

{

int len = strlen (someText); // HERE'S THE DEVIL!

char tmpBuff[256];

if (somethin) {

len = GetAltText (tmpBuff, someText);

else

sprintf (tmpBuff, "%.*s", 255, someText); // NORMAL CASE

DrawText (hdc, tmpBuff, len, txtRect, DT_LEFT | ...);

}

and it would crash every time 'someText' was longer than 255+ characters (and 'somethin' was false).

I was chasing that bug for two years (because 'someText' was usualy very short). I don't know, I must have done it in a hurry or asleap or ...

Horror! Horror!

re: What happens if you pass a source length greater than the actual string length?

Gazpacho — Fri, 21 Sep 2007 22:53:59 GMT

"You're kidding. No one who writes C code would ever write that."

I think it is common knowledge among Windows programmers that the use of MAX_PATH anywhere in string-related code makes it crash-proof.

re: What happens if you pass a source length greater than the actual string length?

Frederik Slijkerman — Fri, 21 Sep 2007 17:43:31 GMT

@Tim Smith: You're right, I forgot about that. :-)

re: What happens if you pass a source length greater than the actual string length?

Tim Smith — Fri, 21 Sep 2007 03:26:48 GMT

Frederik: I think for a function called invariant_strnicmp with char* arguments, you can assume that these are valid null-terminated strings...

Absolutely not. The history of the strnicmp routines date back to the old unix file systems where you would pack those file named in a structure that has enough space to hold a string up to the max length NOT including the NUL.

For many, strncmp has become a method of doing substring matching, but it was originally more about space savings and buffer padding (see strncpy.)

re: What happens if you pass a source length greater than the actual string length?

mccoyn — Thu, 20 Sep 2007 16:13:55 GMT

No one who writes C code would ever write that on purpose.

The problem is that if your team cranks out 100,000 lines of code for a product can you be sure that none of your developers made that mistake just once, even though there are 1000 places where it could have been made? Are your developers mistake rates less than 0.1% ?

You might be able to double check everything, but it will take a lot of work.

re: What happens if you pass a source length greater than the actual string length?

Adam — Thu, 20 Sep 2007 12:26:58 GMT

If you want it to work with strings that may or may not be null terminated, I think you need something like this:

int invariant_strnicmp(char *s1, char *s2, size_t n)

{

size_t n1 = strnlen(s1, n);

size_t n2 = strnlen(s2, n);

return CompareStringA(LOCALE_INVARIANT, NORM_IGNORECASE,

s1, n1, s2, n2) - CSTR_EQUAL;

}