Xref: utzoo comp.bugs.4bsd:1676 comp.std.c:4194 comp.lang.c:35523
Path: utzoo!utgpu!watserv1!watmath!att!linac!pacific.mps.ohio-state.edu!zaphod.mps.ohio-state.edu!wuarchive!ukma!psuvax1!rutgers!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.bugs.4bsd,comp.std.c,comp.lang.c
Subject: Re: Safe coding practices (was Re: Bug in users command)
Message-ID: <23975:Jan2516:36:5891@kramden.acf.nyu.edu>
Date: 25 Jan 91 16:36:58 GMT
References: <22311:Jan2502:34:1191@kramden.acf.nyu.edu> <22879@well.sf.ca.us>
Organization: IR
Lines: 47

In article <22879@well.sf.ca.us> Jef Poskanzer writes:
> }Now you can talk all you want about reallocating memory (btw, there's no
> }safe way to use realloc(), but you knew that)
> Actually, I didn't. Say more.

Some versions of realloc() return the original pointer rather than 0 if
they run out of memory. So you have to code the malloc()/bcopy()/free()
sequence yourself if you want error checking.

> }and about people who simply *talk* about code instead of *writing* code,
> Please get stuffed.

Hey, bud, you started. My code can't defend itself against your insults,
so someone has to do the job... :-)

> }You won't be able to identify a
> }single functional requirement that your reallocating version
> You must have mis-read my message. I don't have any version which uses
> realloc.

This was in the hypothetical case that you do write a reallocating
version.

> As long as you've got that
> overflow check in there, fine, it works. But after correctness you
> have to consider simplicity, and the fixed-size (but large and checked)
> array wins there.

It depends on whether you consider the fixed-size array to be correct.
Anyway, it's so simple to allow any number of users that you might as
well make the change.

> I realize they tell you in Computer Science School
> that you're not supposed to do things like this.

Hey, bud, don't accuse me of being a computer scientist, or I'll have to
start flaming you again. (Last I heard, programming wasn't even part of
the computer science curriculum.)

> I'm telling you now
> that it can be appropriate.

Be serious. We're talking about a trivial piece of code. Why is it
``appropriate'' to use an arbitrary limit when it's so easy to get rid
of the limit?

---Dan
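
An added illustration of the malloc()/copy/free() growth sequence the post describes, applied to a list of user names with no fixed limit; it is not code from the post or from the users command. The struct, the function names and NAMELEN are assumptions made for the example, and memcpy() stands in for bcopy().

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define NAMELEN 8   /* assumed name width for this example */

struct userlist {
    char (*names)[NAMELEN + 1];   /* array of NUL-terminated names */
    size_t used, cap;
};

/* Grow by malloc/copy/free instead of realloc(), so that failure is always
   reported as -1 and the old block is still valid when that happens. */
static int userlist_grow(struct userlist *ul)
{
    size_t newcap = ul->cap ? ul->cap * 2 : 16;
    char (*p)[NAMELEN + 1];

    /* Overflow check: the doubling wrapped, or the byte count would. */
    if (newcap <= ul->cap || newcap > SIZE_MAX / sizeof *p)
        return -1;
    p = malloc(newcap * sizeof *p);
    if (p == NULL)
        return -1;                /* ul->names is untouched */
    if (ul->used)
        memcpy(p, ul->names, ul->used * sizeof *p);
    free(ul->names);
    ul->names = p;
    ul->cap = newcap;
    return 0;
}

/* Append one name, truncated to NAMELEN. Returns 0, or -1 on failure. */
int userlist_add(struct userlist *ul, const char *name)
{
    if (ul->used == ul->cap && userlist_grow(ul) != 0)
        return -1;
    strncpy(ul->names[ul->used], name, NAMELEN);
    ul->names[ul->used][NAMELEN] = '\0';
    ul->used++;
    return 0;
}

void userlist_free(struct userlist *ul)
{
    free(ul->names);
    ul->names = NULL;
    ul->used = ul->cap = 0;
}
```

A caller starts from a zeroed struct userlist and treats a -1 return as out of memory; the entries already stored remain readable in that case.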