Yes, range checking carries a performance penalty, and there have been arguments in the past about performance versus safety. I'm in the camp that believes that they should be enabled in any program where incorrect output would cause a problem or where there are security issues.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List [[email protected]] on behalf of Jay Maynard [[email protected]] Sent: Wednesday, March 30, 2022 12:06 PM To: [email protected] Subject: Re: PL/I ISTR that STRINGRANGE and STRINGSIZE carried a performance penalty, though it's been a very long time since I did PL/I. I would expect that the hit is small but measurable, and generally worth it. On Wed, Mar 30, 2022 at 10:54 AM Robin Vowels <[email protected]> wrote: > On 2022-03-31 01:42, Seymour J Metz wrote: > > However, buffer overruns are characteristic of languages with no range > > checking. Of course, you can write C in PL/I with, e.g, > > (NOSTRINGRANGE) prefixes. > > No, the appropriate condition is STRINGSIZE. > And that is disabled by default. > STRINGRANGE is disabled by default also. > > It is always recommended to enable the STRINGSIZE condition. > > > ________________________________________ > > From: IBM Mainframe Discussion List <[email protected]> on > > behalf of Paul Gilmartin > > Sent: Wednesday, March 30, 2022 10:31 AM > > Subject: Re: PL/I question > > > > On Wed, 30 Mar 2022 14:53:57 +0100, Rupert Reynolds wrote: > > > >> That's a common problem, certainly, but if we include the wider world > >> of > >> micros and minis, I'd bet that buffer overuns related to > >> null-teminated > >> strings (BLEAH!) are in the lead :-) > >> > > Buffer overruns are hardly peculiar to null-temniated strinigs. > > Rather, > > they result from indolent programmers' neglecting to check the length > > before the move or the status after; using strcat() and sprinitf() > > instead of strncat and snprintf(); etc. > > > > What should be done in HLASM? Use unprotected MVCL, or define > > data types with explicit lengths and rely on macros to move data with > > protection? > > > > Should an attempted buffer overrun throw an exception? > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- Jay Maynard ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
