From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,c4d884378fc6b03c
X-Google-Attributes: gid103376,public
From: ok@goanna.cs.rmit.edu.au (Richard A. O'Keefe)
Subject: Re: Two questions
Date: 1996/11/13
Message-ID: <56btal$jpt$1@goanna.cs.rmit.edu.au>#1/1
X-Deja-AN: 196163553
references: <561dfo$h2g@news2.delphi.com>
organization: Comp Sci, RMIT, Melbourne, Australia
nntp-posting-user: ok
newsgroups: comp.lang.ada
Date: 1996-11-13T00:00:00+00:00
List-Id: <comp.lang.ada>


tmoran@bix.com writes:
>The Ada idiom for
>  char str[20];
>  sprintf(&str, "variable %s = %d", name, x);
>would be something like:
>declare
>  str:constant string := "variable " & name & " =" & integer'image(x);
>begin
> ...
>Or, since you can return whole strings from functions, you can have
> ... return "variable " & name & " =" & integer'image(x);

He doesn't point out that the C version has a _major_ bug which the
Ada version is completely free of:  sprintf() is vulnerable to buffer
overflow.  In this particular example, the string
	"variable %s = %d"
contains 12 non-NUL non-format-item characters.  sprintf() will write
a NUL to the buffer, so we have 20 - (12 + 1) = 7 characters to hold
both the name and the value.  If the value x is 100 and the name is
"foobar", you are out of luck.

The Ada version, in contrast, returns a string which is just the
right size to hold the answer.

There's one other difference, which is that to get an Ada equivalent
of %d you need Trim(Integer'Image(x)) to get rid of the leading blanks.
(There's a lot of string handling stuff in Ada 95.)

-- 
Mixed Member Proportional---a *great* way to vote!
Richard A. O'Keefe; http://www.cs.rmit.edu.au/%7Eok; RMIT Comp.Sci.