Talk:CodingStandards

From The Battle for Wesnoth Wiki
Revision as of 05:06, 13 April 2008 by Faultline (Start discussion about snprintf)
  • snprintf considered harmful

Wesnoth's coding standards suggest using snprintf instead of sprintf. But snprintf does not guarantee null termination on all platforms -- notably, not on Windows / MSVC6 (ref: http://www.derkeiler.com/Mailing-Lists/securityfocus/vuln-dev/2002-05/0505.html). And some "n" string functions (notably strncpy) guarantee the buffer is filled with nulls following the copied data, which is usually innocuous but can be nasty if you have a large buffer in an inner loop:

/* example code */
char buf[512];

strncpy( buf, ps, sizeof(buf) ); /* <-- always writes all 512 bytes! */

/* ensure termination */
buf[ sizeof(buf) - 1 ] = '\0';

The correct (but annoying and non-portable) solution is to use the new "l" versions of these functions -- strlcpy, slprintf, etc. But these are not standards. And Microsoft invented their own version of all of them with different names for the MSVC7/8 libraries.
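
One portable way to get the behaviour discussed above without depending on the "l" functions, as an added example that is not part of the original post or of Wesnoth's code. The helper names copy_bounded and format_bounded are hypothetical, and the code assumes a C99 vsnprintf is available.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: bounded copy that always terminates and writes only
   the bytes it needs (no zero padding of the rest of dst, unlike strncpy).
   Returns strlen(src), so a result >= dstsize means the copy was truncated. */
size_t copy_bounded(char *dst, size_t dstsize, const char *src)
{
    size_t srclen = strlen(src);
    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Hypothetical helper: formatted write that is terminated even when the
   runtime's snprintf family leaves a completely filled buffer unterminated.
   Returns 1 if the output fit, 0 if it was truncated or formatting failed. */
int format_bounded(char *dst, size_t dstsize, const char *fmt, ...)
{
    va_list ap;
    int r;
    if (dstsize == 0)
        return 0;
    va_start(ap, fmt);
    r = vsnprintf(dst, dstsize, fmt, ap); /* _vsnprintf on older MSVC runtimes */
    va_end(ap);
    dst[dstsize - 1] = '\0'; /* redundant on C99, required where not guaranteed */
    return r >= 0 && (size_t)r < dstsize;
}

int main(void)
{
    char buf[8];
    /* constructed sample inputs */
    size_t need = copy_bounded(buf, sizeof(buf), "a long unit name");
    printf("copied \"%s\", truncated=%d\n", buf, need >= sizeof(buf));
    printf("fit=%d \"%s\"\n", format_bounded(buf, sizeof(buf), "%d-%s", 42, "ok"), buf);
    return 0;
}
```

Checking the return value is what distinguishes a truncated result from a complete one; forcing the terminator alone only prevents the read past the end of the buffer.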