Vulnerability Development mailing list archives
Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh)
From: Dag-Erling Smorgrav <des () OFUG ORG>
Date: Mon, 2 Oct 2000 17:12:42 +0200
"Bluefish (P.Magnusson)" <11a () GMX NET> writes:
> Reason 2: Portability. As \0 is the preferred way, it will always work. Perhaps there exists some bastard-c where NULL != \0, then it won't work
Doesn't need to be "some bastard-c"; it makes perfect sense to define NULL as ((void*)0) (saves you some trouble with vararg functions when pointers and integers are of different size, or a NULL pointer isn't all-bits-zero). See sections 6.3.2.2 #3 (and the associated footnote 48) and 7.17 #3 in C99. (note: the references given are actually to WG14/N869. I don't think the finished standard is significantly different, though.)
> Basically both NULL and \0 are on 99.99% of all systems a binary zero. But it is IMHO quite silly to use NULL.
Whether or not a null pointer is all-bits-zero isn't the point. The point is that most hosted compilers define NULL as 0, which in this context is interpreted as the integer constant 0 instead of a null pointer, and the integer constant 0 is all-bits-zero (section 6.2.6.2 of C99 more or less requires that the binary representation of 0 as an unsigned integer be all-bits-zero).
> Looking at James' comments in the fixup;
>
>   // (sizeof(variable)-1) instead of sizeof(variable) - NULL, \0, 0
>
> It's beyond me what he actually wants to spell out.
>
>   sizeof(variable) - NULL == sizeof(variable) - 0
>   sizeof(variable) - sizeof(NULL) == sizeof(variable) - 4 (if NULL 32bit)
I think he meant sizeof('\0'). Using sizeof(NULL) is always wrong in this case, because it is equivalent to either sizeof(int) or sizeof(void*) depending on the definition of NULL, but never sizeof(char) which is what he intended. In any case, the standard guarantees that sizeof(char) is always 1. BTW, sizeof(NULL) as "the size of a NULL pointer" is likely to give surprising results on platforms where pointers and integers are of different sizes, unless the compiler defines NULL to ((void*)0). Use sizeof((void*)NULL) instead.
> With the risk of James feeling a bit flamed, I consider arguments and code shown as quite demonstrative of a C programmer who trusts his skills too much; the coding was either extremely careless or he hasn't fully grasped some of the subject he thinks he does.
I think it's more of a case of trying to be too smart for his own good, and not knowing C as well as he thinks he does.
> * QA tests, buddy checks etc. (Give QA people extra money if they find many bugs or dangerous bugs!)
No. That way lies madness.

DES
--
Dag-Erling Smorgrav - des () ofug org
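The size expressions discussed in this message, checked in code. This is an added example, not code from the thread; the helper names and the sample string are made up for illustration. Note that in C a character constant has type int, so sizeof('\0') equals sizeof(int); only sizeof(char) is guaranteed to be 1.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Candidate "terminator size" expressions from the thread. */
static size_t reserve_char(void)      { return sizeof(char); }         /* always 1 */
static size_t reserve_charconst(void) { return sizeof('\0'); }         /* C: type int */
static size_t reserve_null(void)      { return sizeof(NULL); }         /* int, long or void* */
static size_t reserve_nullptr(void)   { return sizeof((void *)NULL); } /* always a pointer */

/* Unchecked form, as in sizeof(buf) - sizeof(NULL): size_t arithmetic
 * wraps to a huge value when the buffer is smaller than the reserve. */
static size_t room_unchecked(size_t cap, size_t reserve)
{
    return cap - reserve;
}

/* Checked form: 0 when the reserve does not fit. */
static size_t room_checked(size_t cap, size_t reserve)
{
    return cap > reserve ? cap - reserve : 0;
}

/* Bounded copy that always NUL-terminates; returns payload bytes written. */
static size_t copy_bounded(char *dst, size_t cap, const char *src)
{
    size_t room = room_checked(cap, sizeof(char));
    size_t n = strlen(src);

    if (cap == 0)
        return 0;
    if (n > room)
        n = room;               /* truncate instead of overflowing */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

int main(void)
{
    char buf[16];
    size_t n = copy_bounded(buf, sizeof(buf), "0123456789abcdefXYZ"); /* constructed input */

    printf("sizeof(char)=%zu sizeof('\\0')=%zu sizeof(NULL)=%zu sizeof((void*)NULL)=%zu\n",
           reserve_char(), reserve_charconst(), reserve_null(), reserve_nullptr());
    printf("copied %zu bytes: \"%s\"\n", n, buf);
    printf("2-byte buffer, unchecked room: %zu\n", room_unchecked(2, reserve_nullptr()));
    return 0;
}
```

The wrapped value from room_unchecked is the case to watch for in review: used as a length argument, it turns an intended bound into no bound at all.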