Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:I get this... (Score 1, Informative) 393

The food in the buffet is inedible - I wouldn't feed it to hogs.

That's funny... that's exactly what they do.

I saw a segment on some TV show a few years ago that featured a guy who collects the abundant leftover buffet food from Las Vegas hotels, mixes it all together, and then delivers it to hog farms. The animals did seem to be enjoying it quite a bit.

Comment Re:Search engine? (Score 1) 285

So you've avoided the need for another function by requiring the user to add *two* separate manual fixups to each call of the most common use case. Do you realize how stupid that is?

Of course, the best practice is to forbid the use of strncpy at all in coding standards, which then involves what you said you wanted to avoid: writing your own function.

I'm not the only one to point this out. Here's the discussion of strncpy from Wikipedia:

Despite the well-established need to replace strcat[10] and strcpy[6] with functions that do not allow buffer overflows, no accepted standard has arisen. This is partly due to the mistaken belief by many C programmers that strncat and strncpy have the desired behavior; however, neither function was designed for this (they were intended to manipulate null-padded fixed-size string buffers, a data format less commonly used in modern software), and the behavior and arguments are non-intuitive and often written incorrectly even by expert programmers.

Comment Re:Search engine? (Score 1) 285

As I said, "sound practice" involves not using that damned function at all. Why do you defend the design of an API that requires you to add an extra line of mitigation code every time you use it?. And why would you accept the performance hit of the extraneous zero padding? It's most likely worse than any of the bounds checking you're so worried about. But an actual "real programmer" would know that.

Comment Re:Search engine? (Score 1) 285

It the function were named "copyTeminatedStringTo_UNTERMINATED_memoryBuffer()", then you'd have a point.

As it is, this non-string function is named just like all of the actual terminated string functions. So you can save your insults; *I* know about this C library fail (along with scores of other fails), but this problem usually crops up multiple times in any significant project with more than a couple of team members. So much so that it's best to prohibit the use of this function altogether in coding standards, and replace it with a home-grown function that does what people actually expect.

Attempts to "fix" the problem by fudging the buffer and setting characters are just asking for fencepost errors. Not to mention the performance penalty for needlessly zeroing out any empty space after the string.

Comment Re:Search engine? (Score 1) 285

Yes, you would naturally assume that best practice is to artificially adjust the buffer length, and to execute a separate statement to add a null char *every* time you call one particular library routine, especially if most every other library routine that starts with "str" does set the null terminator unconditionally and doesn't require you to fudge the buffer length.

Or at least you might assume that if you were an imbecile.

Comment Re:Search engine? (Score 2) 285

That's nice that you have the optional local documentation installed for the C libraries, so you can find out that strncpy() doesn't do what any reasonable person would assume it does without searching the web. (Do you have the POSIX versions installed as well? Sometimes it conflicts with the Linux version, and both can be extremely vague. For those entries, you might have to start searching the web.)

Not to mention that many if not most of the gotchas are in the core language, and man pages won't help you much there.

Comment Re:Search engine? (Score 2) 285

If C developers aren't searching for C info, they ought to be. People may think that C is simple, but it's full of hidden gotchas.

For example, strncpy() doesn't actually do what any reasonable person would assume it does. Using it in the wrong "obvious" way can result in bugs that won't easily be found during testing. There are hundreds more land mines like that sprinkled throughout the C ecosystem, and they all need to be reviewed repeatedly before one can be considered an experienced developer.

Comment Re:Truth of the story. (Score 1) 432

About the only NASCAR related things I saw there, other than the outdated pushrod V8s I already mentioned, were some oil filters. The remaining technologies were either from less reactionary racing organizations that allow car designs that aren't still pinned to production cars from 40 years ago, or they were broad technology categories that happened many decades ago. (Plastic-bodied cars have been on the market for at least six decades now.)

So, getting back to the original post, Ford cars must suck because their oil filters aren't good enough to win NASCAR races.

Comment Re:Truth of the story. (Score 1) 432

I'm sure that very little of the R&D that goes into contemporary NACAR racing has any relevance to production vehicles. For example, until very recently, the power train engineering was all about getting performance out of a carburetted pushrod V8 sucking air through artificially small holes. What has that got to do with today's real world? Likewise, safety is based on tightly strapping the driver into the very center of a birdcage frame. Once again, completely irrelevant to highway situations.

Comment Re:Was the Go prog lang at fault? Would Rust help? (Score 1) 119

So to me it sounds like this incident was at least partially due to limitations with the Go programming language and its libraries.

For now, you could use a platform-specific workaround. (Just like you would have to do if you were coding in C). For Linux:

func Uptime() (int64, err) {
    var si syscall.Sysinfo_t
    err = syscall.Sysinfo(&si)
    return si.Uptime, err
}

I'm too lazy to look up whether Windows has a similar feature.

Comment Re:Truth of the story. (Score 5, Interesting) 432

Everybody knows Ford sucks. Hard. They haven't won a NASCAR championship in years.

Is there even a single part on a modern NASCAR car that has any relation at all to an actual production vehicle?

I think that argument is kind of like "Law degrees from Yale suck: Their football record was only 3-7 this year."

Slashdot Top Deals

The easiest way to figure the cost of living is to take your income and add ten percent.

Working...