"Shmuel (Seymour J.)Metz" <spamt...@library.lspace.org.invalid> wrote in
message news:4f8410ff$2$fuzhry+tra$mr2...@news.patriot.net...
In <20120409111329....@kylheku.com>, on 04/09/2012
at 06:55 PM, Kaz Kylheku <k...@kylheku.com> said:
If we scan for a null terminator which is not there, we have a
buffer overrun.
You're only thinking of scanning an existing string; think of
constructing a string. The null only indicates the current length, not
the amount allocated.
If a length field in front of string data is incorrect, we also have
a buffer overrrun.
The languages that I'm aware of that use a string length field also
use a length field for the allocated storage. More precisely, they
require that attempts to store beyond the allocated length be
detected.
I would have thought trying to *read* beyond the current length would be an
error.
Writing beyond the current length, and perhaps beyond the current allocation
might be OK if the string is allowed grow, otherwise that's also an error.
In any case, there is no real need for an allocated length to be passed
around with the string, if you are only going to be reading it, or only
modifying the existing characters. And depending on the memory management
arrangements, such a length need not be stored at all.
--
Bartc
--
http://mail.python.org/mailman/listinfo/python-list
