Xref: utzoo comp.bugs.4bsd:1682 comp.std.c:4206 comp.lang.c:35577 Path: utzoo!utgpu!watserv1!watmath!att!linac!uwm.edu!zaphod.mps.ohio-state.edu!usc!apple!well!jef From: jef@well.sf.ca.us (Jef Poskanzer) Newsgroups: comp.bugs.4bsd,comp.std.c,comp.lang.c Subject: Re: Safe coding practices (was Re: Bug in users command) Message-ID: <22921@well.sf.ca.us> Date: 29 Jan 91 02:13:14 GMT References: <87681@tut.cis.ohio-state.edu> Reply-To: Jef Poskanzer Organization: Paratheo-Anametamystikhood Of Eris Esoteric, Ada Lovelace Cabal Lines: 39 In the referenced message, Bob Manson wrote: }You think 1000 users is a large number in a users program? Suppose I }decide to start recording all users over a large network in my utmp }file? (Wouldn't that be nice...how I hate rwho.) Yes, that might be nice... but if you did that, why would you want to run "users"? Three screenfuls of usernames is not particularly useful. And as for piping it to another program, there's the small problem that most "users" programs don't bother to write out any newlines. When you have fixed the far more serious problem of most Unix programs dumping core on such input (not even a "recompile me" message, how rude), then maybe I'll consider it worthwhile to add the malloc gunk. In general, sure, handling arbitrary input is great. In specific cases where you can make a confident estimate of the maximum input size, I have no problem at all with using checked fixed size arrays of ten times that size. The benefit is N fewer lines to get wrong, and the cost, if your estimate is good, is non-existant. }I'll bet that in a few years, 1000 will be far too small.... What is the precise meaning of "far too small"? At least one system where 1000 is too small? We probably have that already. But if you mean that such systems will be common, sure, I'll take that bet. How much? }and I won't be able to }recompile your program, because let's face it, 99.9% of all Unix }distributors don't give source. I give source. In fact, one reason I like code which prints messages like "change XYZ and recompile me please" is to discourage bozos from doing any god damned binary-only distributions of *my* source. --- Jef Jef Poskanzer jef@well.sf.ca.us {apple, ucbvax, hplabs}!well!jef "So young, so bad, so what."