Vulnerability Development mailing list archives

Re: Secure coding in C (was Re: Administrivia #4883)


From: kay () PHREEDOM ORG (kay)
Date: Sat, 15 Jan 2000 13:14:56 +0200


On Fri, Jan 14, 2000 at 04:08:41PM -0500, Bennett Todd wrote:
[snip]
]       char *a = something();
]       char *b = something_else();
]       int len = strlen(a) + strlen(b);
]       char *c = malloc(len + 1) || die("malloc");
]       (void) strcat(strcpy(c, a), b);
]
] BTW, what I ended up coding instead of that last line (as it grew
] way more complex) was equivalent to:
]
]       snprintf(c, len, "%s%s", a, b) > 0 || die "snprintf";

I would like to point out glib - it is available from ftp.gtk.org and its
mirrors. It is mainly a utility function library, widely used in Gtk+ and
GNOME, but it has nothing to do with GUI at all. Particularly interesting
is its GString object (yes, object; OOP is possible in C). To quote the
manual:

        Description

        A GString is similar to a standard C string, except that it grows
        automatically as text is appended or inserted.

        The space allocated for the string is always a power of two, so as
        the string grows it will occupy 2, 4, 8, 16, 32, 64, 128 etc.
        characters.

        Details

        struct GString
        {
                gchar *str;
                gint len;
        };

        The GString struct contains the public fields of a GString. The str
        field points to the character data. It may move as text is added.
        The len field contains the length of the string, not including the
        terminating null character.
        The str field is zero-terminated and so can be used as an ordinary
        C string. But it may be moved when text is appended or inserted into
        the string.

And some of the functions available:

        GString* g_string_new(const gchar *init);
        GString* g_string_assign(GString *lval, const gchar *rval);
        void     g_string_sprintf(GString *string, const gchar *format, ...);
        void     g_string_sprintfa(GString *string, const gchar *format, ...);
        GString* g_string_append(GString *string, const gchar *val);
        GString* g_string_append_c(GString *string, gchar c);
        GString* g_string_prepend(GString *string, const gchar *val);
        GString* g_string_prepend_c(GString *string, gchar c);
        GString* g_string_insert(GString *string, gint pos, const gchar *val);
        GString* g_string_insert_c(GString *string, gint pos, gchar c);
        GString* g_string_erase(GString *string, gint pos, gint len);
        GString* g_string_truncate(GString *string, gint len);
        void     g_string_free(GString *string, gint free_segment);
        
I find it pretty useful for security-sensitive applications. Also if the whole
library is too big for your taste, you could always cut only the GString part
- it is LGPL.

] -Bennett

--
key ID: 1024D/F00A7E3F (DSS)    user ID: kay <kay () phreedom org>
fingerprint: DDCC 1A8C 30C5 8C7B C7E3  8808 02C3 1A5D F00A 7E3F
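
The growth behaviour the quoted manual describes (power-of-two allocation, a str pointer that may move, len excluding the terminator), as an added sketch that is not part of the original message and is not glib's code. The names sbuf, sbuf_reserve and sbuf_append are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names (sbuf, sbuf_*): a sketch of the idea, not glib's code. */
struct sbuf {
    char  *str;   /* always NUL-terminated; may move when the buffer grows */
    size_t len;   /* length without the terminating NUL */
    size_t cap;   /* allocated bytes, kept at a power of two */
};

/* Make room for `extra` more bytes plus the NUL. Returns 0, or -1 on failure. */
static int sbuf_reserve(struct sbuf *s, size_t extra)
{
    if (extra > SIZE_MAX - s->len - 1)
        return -1;                        /* len + extra + 1 would wrap */
    size_t need = s->len + extra + 1;
    size_t cap = s->cap ? s->cap : 2;
    while (cap < need) {
        if (cap > SIZE_MAX / 2)
            return -1;                    /* doubling would wrap */
        cap *= 2;
    }
    if (cap != s->cap) {
        char *p = realloc(s->str, cap);
        if (p == NULL)
            return -1;                    /* old buffer is still valid */
        s->str = p;
        s->cap = cap;
    }
    return 0;
}

/* Append a C string; the caller never computes a size.
 * val must not point into s->str, because realloc may move that buffer. */
int sbuf_append(struct sbuf *s, const char *val)
{
    size_t n = strlen(val);
    if (sbuf_reserve(s, n) != 0)
        return -1;
    memcpy(s->str + s->len, val, n + 1);  /* n bytes plus val's NUL */
    s->len += n;
    return 0;
}
```

Start from a zeroed struct (struct sbuf c = {0};) and release the buffer with free(c.str) when done.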


