In message <[EMAIL PROTECTED]> Mike Smith writes:
: What's really stupid is that most of the time you're trying to use
: these functions to fix code that looks like:
: strcpy(buf, str1);
: strcat(buf, str2);
: strcat(buf, str3);
: without overflowing buf. This is dumb! Use asprintf instead:
:
: asprinf(&buf, "%s%s%s", str1, str2, str3);
:
: If you can't keep all of the string elements together at once, try:
:
: asprinf(&buf, "%s%s", str1, str2);
: ...
: asprintf(&buf2, "%s%s", buf, str3);
: free(buf);
:
: No, it's not fast, but it _is_ robust.
That is true for this case, but not always true. I think these APIs
have an excellent role to play. Sure, there are other ways to do it,
but there are a growing number of systems that have strl* on them
(OpenBSD, Linux and Solaris), which is reason enough to improve our
portability by using them.
The asprintf isn't completely robust becuase you must free() the
routine, or face a memory leak. It won't overflow, but it might
introduce another bug. The whole point of these APIs was to
transition old code to new in a safe manner that isn't prone to
potentiall programming errors.
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
