undefined | Better HN

0 pointsuecker4mo ago0 comments

Arrays are not pointers and if you do not let them decay to one, they do preserve the length information.

0 comments

They surely behave like one as soon as they leave local scope.

Kind of hard when passing them around as funcion parameters, and the static trick doesn't really work in a portable way.

Lets seen how far WG14 gets with cybersecurity laws with this kind of answers being analysed by SecDevOps and Infosec experts.

dfawcus4mo ago

Then don't allow it to decay:

    void arr_fn(char (*arr)[15]) {
        enum { len = sizeof *arr }; printf("len of array: %d\n", len);
        printf("Got: %.*s\n", len, *arr);
    }
    void sptr_fn(char ptr[static 15]) { printf("Got: %s\n", ptr); }
    int main(void) {
        char array[15] = "Hello, World!";

        arr_fn(&array); sptr_fn(array); return 0;
    }

Using gcc (and similarly clang) removing the '15' from 'array', and allowing it to allocate it as 14 chars will result in warnings for both function calls.

One can hide that ptr to array behind a typedef to make it more readable:

    typedef char (Arr_15)[15];
    void arr_fn2(Arr_15 *arr) {

What do you mean by 'the static trick'? Is that what I have in sptr_fn()?

pjmlp4mo ago

That is the static trick.

The issues as it stands today are:

- It is still a warning instead of an error, and we all know how many projects have endless lists of warnings

- Only GCC and clang issue such warning, if we want to improve C, security must be imposed to all implementations

https://c.godbolt.org/z/fEKzT4WfM

2 more replies

ordu4mo ago

    int arr[4];
    foo(arr);

We can look at this code like it passes an array by reference, but how to pass `arr` by value?

ueckerOP4mo ago

You can pass it by value when putting it into a struct. You can also pass a pointer to the array instead of letting it decay.

void foo(int (*arr)[4]);

int arr[4]; foo(&arr);

j / k navigate · click thread line to collapse

0 comments

pjmlp4mo ago

They surely behave like one as soon as they leave local scope.

Kind of hard when passing them around as funcion parameters, and the static trick doesn't really work in a portable way.

Lets seen how far WG14 gets with cybersecurity laws with this kind of answers being analysed by SecDevOps and Infosec experts.

dfawcus4mo ago

Then don't allow it to decay:

    void arr_fn(char (*arr)[15]) {
        enum { len = sizeof *arr }; printf("len of array: %d\n", len);
        printf("Got: %.*s\n", len, *arr);
    }
    void sptr_fn(char ptr[static 15]) { printf("Got: %s\n", ptr); }
    int main(void) {
        char array[15] = "Hello, World!";

        arr_fn(&array); sptr_fn(array); return 0;
    }

Using gcc (and similarly clang) removing the '15' from 'array', and allowing it to allocate it as 14 chars will result in warnings for both function calls.

One can hide that ptr to array behind a typedef to make it more readable:

    typedef char (Arr_15)[15];
    void arr_fn2(Arr_15 *arr) {

What do you mean by 'the static trick'? Is that what I have in sptr_fn()?

pjmlp4mo ago

That is the static trick.

The issues as it stands today are:

- It is still a warning instead of an error, and we all know how many projects have endless lists of warnings

- Only GCC and clang issue such warning, if we want to improve C, security must be imposed to all implementations

https://c.godbolt.org/z/fEKzT4WfM

2 more replies

ordu4mo ago

    int arr[4];
    foo(arr);

We can look at this code like it passes an array by reference, but how to pass `arr` by value?

ueckerOP4mo ago

You can pass it by value when putting it into a struct. You can also pass a pointer to the array instead of letting it decay.

void foo(int (*arr)[4]);

int arr[4]; foo(&arr);

j / k navigate · click thread line to collapse