[Effective-cpp] Item 2: The String Formatters of Manor Farm, Part 1: sprintf
White Wolf
wolof at freemail.hu
Fri Oct 29 09:22:46 EDT 2004
effective-cpp-bounces at accu.org wrote:
> On Thursday, October 28, 2004, at 03:52 PM, Balog Pal wrote:
>
>>> There is no length safety. There is no way to explicitly limit how
>>> much of the character array is used. This can and often does result
>>> in buffer overrun errors.
>>
>> No length safety is a prblem everyone shall be aware. Unfortunaltely
>> sprintf has no way to pass in the buffer length, and stop there.
>> Many implementations provide such safe versions (snprintf ot alike)
>> , those are not standard, but I'd suggest use those instead of
>> sprintf.
>>
> snprintf is a standard part of C99, though not in C++03.
> It's very widely implemented even where C99 isn't supported,
> but varies in whether it guarantees nul-termination, and in what the
> return value is.
And it still only solves one part of the problem. It does not solve the
problem of ellipsis not "scaling" to user defined types. Which - in
practice - means that if any format string function is used in a C++
codebase, it will - sooner or later - break encapsulation.
Attila
More information about the Effective-cpp
mailing list