On Fri, 7 May 2010 21:50:46 +0100, Alastair Houghton said:

>On 7 May 2010, at 21:16, Sean McBride wrote:
>
>> Also, you should never use sprintf. Use snprintf instead.
>
>snprintf() is safer, certainly, but "never" is a little strong for my
>taste. Like goto or longjmp(), it depends who is using it and what for.

Well, yes, there's an exception to every rule (even this one). :)  But
really, sprintf is more evil than goto, especially since snprintf can be
easily substituted.  Using sprintf is risking exploitable buffer
overflows, a common security problem, especially if the string is
user-input.

See also:
<http://developer.apple.com/mac/library/documentation/Security/Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577-SW10>

>*Anyway*, this is cocoa-dev, and that being the case, this entire
>question is off-topic. So to bring it back *on* topic, a better
>alternative would be to use NSString's -stringWithFormat: method, which
>is safer than sprintf() or snprintf(), and means you get an NSString
>object which is a much richer type than a plain C string.
>-stringWithFormat: also supports pretty much the same set of specifiers
>that printf() does, with the addition of %@, of course.
>
>Oh, and there's also NSNumberFormatter if you want to format numbers in
>a more sophisticated manner.

Agreed!

--
____________________________________________________________
Sean McBride, B. Eng                 s...@rogue-research.com
Rogue Research                        www.rogue-research.com
Mac Software Developer              Montréal, Québec, Canada
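
The substitution discussed in this message, as an added example that is not part of the original post: a bounded formatter built on vsnprintf() that also reports truncation, which a bare swap of sprintf() for snprintf() silently hides. The names bounded_format and make_greeting and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Outcome of a bounded format: "fit" is distinguished from "truncated". */
enum fmt_status { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = -1 };

/* Hypothetical helper: formats into dst[cap] and never writes past dst + cap.
 * If needed is non-NULL it receives the length the full output would have had. */
static enum fmt_status bounded_format(char *dst, size_t cap, size_t *needed,
                                      const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || cap == 0)
        return FMT_ERROR;
    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);

    if (n < 0) {                 /* encoding error: leave an empty string */
        dst[0] = '\0';
        return FMT_ERROR;
    }
    if (needed)
        *needed = (size_t)n;
    /* vsnprintf returns the length it wanted to write; n >= cap means cut off */
    return ((size_t)n >= cap) ? FMT_TRUNCATED : FMT_OK;
}

/* Constructed scenario: a greeting built from an untrusted name. */
static enum fmt_status make_greeting(char *dst, size_t cap, const char *name)
{
    /* The untrusted string is an argument, never the format string itself. */
    return bounded_format(dst, cap, NULL, "Hello, %s!", name);
}

int main(void)
{
    char buf[16];
    const char *inputs[] = { "Sean", "a-name-far-longer-than-the-buffer" };
    for (int i = 0; i < 2; i++) {
        enum fmt_status st = make_greeting(buf, sizeof buf, inputs[i]);
        printf("%-10s \"%s\"\n", st == FMT_OK ? "ok" : "truncated", buf);
    }
    return 0;
}
```

With sprintf() the second input would write past the end of the 16-byte buffer; here the output is cut at 15 characters plus the terminator and the caller is told so.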