From: Reece Dunn (msclrhd_at_[hidden])
Date: 2006-01-30 04:02:49


Pavel Antokolsky aka Zigmar wrote:
>For me personally, the reason I didn't submit any review is that I don't
>completely understand the purpose of the library. The documentation
>(as a few mentioned) lacks motivation and general description. So how
>can I review the library if I can't understand what the library is
>trying to solve and how? I can't say for others, but for me it is the
>reason. I suggest that even if the documentation can't be updated during
>the formal review, the author give a little more extended
>explanation here, on the mailing list.

The main aim of the library was presented in the "The Problem"/"The
Solution" sections (the first ones) of the documentation.

Normally, in C (or even some C++ code), you have constructs that look like
this:

   char buffer[ 15 ];
   sprintf( buffer, "Some %s text", "verly long" );

The problem is that the above would cause a buffer overrun, which is the
most common cause of denial of service attacks and other security holes in
major applications. The variant that allows you to specify the size of the
string buffer is better, but not perfect. Consider the following:

   wchar_t buffer[ 5 ];
   // sizeof(buffer) is a byte count; wcsncpy expects a count of wchar_t elements
   wcsncpy( buffer, L"12345678", sizeof(buffer) );

At first glance, this code looks safe, but will also cause a buffer overrun.
The fixed_string class is designed to solve this problem. The above examples
would be:

   fixed_string< 15, char > buffer;
   sprintf( buffer, "Some %s text", "verly long" );

and:

   fixed_string< 5, wchar_t > buffer;
   wcscpy( buffer, L"12345678" );

If the introduction does not make this clear, I have written the
documentation wrong. *This* is why feedback is useful - to know what people
don't understand about the documentation, so I can address those issues for
the next review. Otherwise, the documentation will most likely still suffer
from the same problems.

Also, the C and C++ string implementations do not prevent you passing in
null strings. Thus, in the msvc 7.1 implementation, the following will cause
a run-time crash:

   std::string foo( 0 );
   std::ostringstream ss;
   ss << "Crash! Boom! Bang!" << static_cast< const char * >( 0 ) << std::endl;

- Reece
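
An added example, not part of the message above and not code from the fixed_string library: plain C bounded copies for the two snippets in the message, with the wide buffer sized in elements rather than bytes, truncation reported to the caller, and a null source treated as an empty string. The names `ELEMS`, `wcopy_bounded` and `format_bounded` are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Capacity in elements, not bytes. Only valid on true arrays, not pointers. */
#define ELEMS(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical helper: copy at most cap-1 wide characters and always
 * terminate. A NULL source is treated as an empty string.
 * Returns 1 if the source did not fit (output truncated), 0 otherwise. */
static int wcopy_bounded(wchar_t *dst, size_t cap, const wchar_t *src)
{
    size_t len, n;
    if (dst == NULL || cap == 0)
        return 1;
    if (src == NULL)
        src = L"";
    len = wcslen(src);
    n = len < cap ? len : cap - 1;
    wmemcpy(dst, src, n);
    dst[n] = L'\0';
    return len >= cap;
}

/* Hypothetical helper: bounded formatting. vsnprintf returns the length it
 * would have needed, so truncation is detectable. Returns 1 if truncated. */
static int format_bounded(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int needed;
    if (dst == NULL || cap == 0 || fmt == NULL)
        return 1;
    va_start(ap, fmt);
    needed = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    return needed < 0 || (size_t)needed >= cap;
}

int main(void)
{
    wchar_t wbuf[5];   /* same sizes and inputs as the snippets in the message */
    char buf[15];
    int wt = wcopy_bounded(wbuf, ELEMS(wbuf), L"12345678");
    int ft = format_bounded(buf, sizeof buf, "Some %s text", "verly long");
    printf("sizeof=%zu bytes, capacity=%zu elements\n", sizeof wbuf, ELEMS(wbuf));
    printf("wide:   \"%ls\" truncated=%d\n", wbuf, wt);
    printf("narrow: \"%s\" truncated=%d\n", buf, ft);
    return 0;
}
```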


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk