Talk:CodingStandards
- snprintf considered harmful
Wesnoth's coding standards suggest using snprintf instead of sprintf. But snprintf does not guarantee null termination on all platforms -- notably, not on Windows / MSVC6 ( ref: http://www.derkeiler.com/Mailing-Lists/securityfocus/vuln-dev/2002-05/0505.html ). And some "n" string functions (notably strncpy) have guarantee the buffer is filled with nulls following the copied data, which is usually innocuous but can be nasty if you have a large buffer in an inner loop ---
/* example code */ char buf[512]; strncpy( buf, sizeof(buf), ps ); /* <-- always writes all 512 bytes! */ /* ensure termination */ buf[ sizeof(buf) - 1 ] = '\0';
The correct (but annoying and non-portable solution) is to use the new "l" versions of these functions -- strlcpy, slprintf, etc. But these are not standards. And Microsoft invented their own version of all of them with different names for the MSVC7/8 libraries.
Obsolete?
The C++11 banning part is clearly obsolete, C++11 is currently supported pretty much everywhere and I have found C++11 specific code in wesnoth's source code (this might be new, because the cmake script is not yet updated to compile it and crashes that it can't compile 'nullptr').