tech-userlevel archive


Re: using the interfaces in ctype.h




On 21-Apr-08, at 10:24 AM, der Mouse wrote:

>> Indeed, however the current implementation doesn't even try to
>> "detect" or "distinguish" EOF, and indeed passing EOF without casting
>> it properly and/or masking will result in an out-of-bounds array
>> access in the current implementation.
>
> Look closer.  The object indexed inside the macro is _one past_ the
> base of the array object being indexed; this is done specifically to
> support EOF as an argument.

Nope, that does not work, at least not if the parameter is an int variable, as would be compatible with the API specification, and as is most commonly used in existing code in general I would guess.

> But what does "safe" mean?  In this context, I don't think it means
> "take out-of-range values and silently smush them into in-range
> values".  Ideally, I'd say, it would mean "drop core when passed
> anything out-of-range" (and I don't mean "drop core or access something
> random, depending on the arg and how memory happens to be laid out").

And just how do you plan to do that with any traditional C implementation in the case where these APIs are implemented as preprocessor macros accessing a 257-byte array, as they are in NetBSD?

> However, that's expensive enough that I for one am willing to accept
> the lessened error checking for the sake of performance of correct code.

A simple mask provides all of the safety one can hope for given the present implementation. :-)

The OpenBSD, FreeBSD, and Darwin implementations use inline functions and varying degrees of additional protection, and also provide varying degrees of other enhanced features too.

--
                                        Greg A. Woods; Planix, Inc.
                                        <woods%planix.ca@localhost>
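
The table-plus-one lookup discussed in this thread, modelled as an added example (not part of the original message and not NetBSD's code). The table, the `demo_*` names and the sample values are hypothetical; the code computes which slot a macro of the form `(table + 1)[c]` would touch for EOF, for a negative `char` value, and for the same value after a cast or a mask.

```c
#include <stdio.h>

#define DEMO_EOF   (-1)
#define DEMO_UPPER 0x01

/* Hypothetical 257-entry table: slot 0 serves EOF, slots 1..256 serve 0..255. */
static unsigned char demo_table[257];

static void demo_init(void)
{
    for (int c = 'A'; c <= 'Z'; c++)
        demo_table[c + 1] = DEMO_UPPER;
}

/* Slot that a macro of the form (demo_table + 1)[c] would touch. */
static long demo_slot(int c) { return (long)c + 1; }

/* 1 if that slot lies inside the table, 0 if the access would be out of bounds. */
static int demo_slot_ok(int c)
{
    long s = demo_slot(c);
    return s >= 0 && s < (long)sizeof demo_table;
}

/* Range-checked lookup: reports -1 instead of reading outside the table. */
static int demo_isupper_checked(int c)
{
    if (!demo_slot_ok(c))
        return -1;
    return ((demo_table + 1)[c] & DEMO_UPPER) ? 1 : 0;
}

/* Masked lookup: always in bounds, but EOF (-1) is folded onto value 255. */
static int demo_isupper_masked(int c)
{
    return ((demo_table + 1)[c & 0xff] & DEMO_UPPER) ? 1 : 0;
}

int main(void)
{
    int samples[] = { DEMO_EOF, 'A', -23, (unsigned char)-23 }; /* constructed */
    demo_init();
    /* -23 is what a signed char holding byte 0xE9 promotes to. */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("c=%4d slot=%4ld in_bounds=%d checked=%2d masked=%d\n",
               samples[i], demo_slot(samples[i]), demo_slot_ok(samples[i]),
               demo_isupper_checked(samples[i]), demo_isupper_masked(samples[i]));
    return 0;
}
```
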


