Use of C.Strings.Value Function Considered Harmful

comp.lang.ada
 help / color / mirror / Atom feed

* Use of C.Strings.Value Function Considered Harmful
@ 1999-12-03  0:00 Anton Gibbs
  1999-12-03  0:00 ` David C. Hoos, Sr.
  0 siblings, 1 reply; 4+ messages in thread
From: Anton Gibbs @ 1999-12-03  0:00 UTC (permalink / raw)


Dear Ada Community,

Now here is a funny thing - though I doubt whether I am the first to
experience it.

I have been passed a C structure one of whose fields purports to be a
pointer to a standard C null-terminated string. I want to copy the
string into the Ada world so I thought I would use the Value function in
B.3.1 (37):

   function Value( Item : in chars_ptr ) return String;

which is defined as being equivalent to:

   To_Ada( Value( Item ), Trim_Nul => False );

This works fine except that I want to guard against the C pointer being
bad and serving me up with a potentially limitless string of rubbish. So
I thought I would use the Value function from B.3.1 (35):

   function Value( Item : in chars_ptr; Length : in size_t )
            return String;

with Length set to some maximum string size that I would be willing to
handle (say 20).

The trouble is that if the pointer designates a string containing 20 or
more characters before its first Nul, then, far from truncating the
result as I had expected, all Value does is raise Terminator_Error. What
is the use of that ?

Presumably I am missing something here.

Thanks for whatever help and advice you can give.

Best -- Anton Gibbs

-- 
Civil Air Traffic Management Group
Defence Evaluation and Research Agency
Bedford, UK

"The Information contained in this E-Mail and any 
subsequent correspondence is private and is intended
solely for the intended recipient(s).  For those
other than the intended recipient any disclosure,
copying, distribution, or any action taken or 
omitted to be taken in reliance on such information
is prohibited and may be unlawful."




^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Use of C.Strings.Value Function Considered Harmful
  1999-12-03  0:00 Use of C.Strings.Value Function Considered Harmful Anton Gibbs
@ 1999-12-03  0:00 ` David C. Hoos, Sr.
  1999-12-06  0:00   ` Anton Gibbs
  0 siblings, 1 reply; 4+ messages in thread
From: David C. Hoos, Sr. @ 1999-12-03  0:00 UTC (permalink / raw)



Anton Gibbs <agibbs@dera.gov.uk> wrote in message
news:3847E5CE.4F9E@dera.gov.uk...
> Dear Ada Community,
>
> Now here is a funny thing - though I doubt whether I am the first to
> experience it.
>
> I have been passed a C structure one of whose fields purports to be a
> pointer to a standard C null-terminated string. I want to copy the
> string into the Ada world so I thought I would use the Value function in
> B.3.1 (37):
>
>    function Value( Item : in chars_ptr ) return String;
>
> which is defined as being equivalent to:
>
>    To_Ada( Value( Item ), Trim_Nul => False );
>
> This works fine except that I want to guard against the C pointer being
> bad and serving me up with a potentially limitless string of rubbish. So
> I thought I would use the Value function from B.3.1 (35):
>
>    function Value( Item : in chars_ptr; Length : in size_t )
>             return String;
>
> with Length set to some maximum string size that I would be willing to
> handle (say 20).

The function from B.3.1 (35) has the profile:

function Value (Item : in chars_ptr; Length : in size_t)
 return char_array;

_not_ the function you described above.  That function is from
B.3.1 (39), which is defined as equivalent to

Equivalent to To_Ada(Value(Item, Length), Trim_Nul=>True).

>
> The trouble is that if the pointer designates a string containing 20 or
> more characters before its first Nul, then, far from truncating the
> result as I had expected, all Value does is raise Terminator_Error. What
> is the use of that ?

The definition of To_Ada specifies the raising of Terminator_Error when
Item contains no nul.

You can use the function Interfaces.C.To_Ada, to convert the char_array
result of the function from B.3.1 (35) to an Ada String.

>
> Presumably I am missing something here.
>
> Thanks for whatever help and advice you can give.
Read the manual??








^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Use of C.Strings.Value Function Considered Harmful
  1999-12-03  0:00 ` David C. Hoos, Sr.
@ 1999-12-06  0:00   ` Anton Gibbs
  1999-12-06  0:00     ` Lutz Donnerhacke
  0 siblings, 1 reply; 4+ messages in thread
From: Anton Gibbs @ 1999-12-06  0:00 UTC (permalink / raw)

David C. Hoos, Sr. wrote:

> You can use the function Interfaces.C.To_Ada, to convert the char_array
> result of the function from B.3.1 (35) to an Ada String.

> Read the manual??

I am just baffled by how unhelpful the Length parameter is in:

     function Value( Item : in chars_ptr; Length : in size_t )
              return String;  -- B3.1(39)

As far as I can tell (from reading the manual, funny enough), if the
designated string contains fewer than `Length' characters before its
first null, then it returns a string of length < `Length' otherwise it
raises Terminator_Error.

What I have ended up doing (as David C. Hoos, Sr. suggests) is to call:

     function Value (Item : in chars_ptr; Length : in size_t)
              return char_array;  -- B3.1(35)

and then append a (sometimes superfluous) ASCII.nul before calling
C_To_Ada with Trim_Null set to True. I would have liked a single call to
Value to do all this for me; afterall, what I am trying to do here is
not that unusual is it ?

Thanks.

Best -- Anton.

-- 
Civil Air Traffic Management Group
Defence Evaluation and Research Agency
Bedford, UK

"The Information contained in this E-Mail and any 
subsequent correspondence is private and is intended
solely for the intended recipient(s).  For those
other than the intended recipient any disclosure,
copying, distribution, or any action taken or 
omitted to be taken in reliance on such information
is prohibited and may be unlawful."

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Use of C.Strings.Value Function Considered Harmful
  1999-12-06  0:00   ` Anton Gibbs
@ 1999-12-06  0:00     ` Lutz Donnerhacke
  0 siblings, 0 replies; 4+ messages in thread
From: Lutz Donnerhacke @ 1999-12-06  0:00 UTC (permalink / raw)


* Anton Gibbs wrote:
>I am just baffled by how unhelpful the Length parameter is in:
>     function Value( Item : in chars_ptr; Length : in size_t )
>              return String;  -- B3.1(39)
>As far as I can tell (from reading the manual, funny enough), if the
>designated string contains fewer than `Length' characters before its
>first null, then it returns a string of length < `Length' otherwise it
>raises Terminator_Error.

The exception prevents you from loosing data in conversion.

>What I have ended up doing (as David C. Hoos, Sr. suggests) is to call:
>     function Value (Item : in chars_ptr; Length : in size_t)
>              return char_array;  -- B3.1(35)
>and then append a (sometimes superfluous) ASCII.nul before calling
>C_To_Ada with Trim_Null set to True. I would have liked a single call to
>Value to do all this for me; afterall, what I am trying to do here is
>not that unusual is it ?

This procedere enshures a working program. It does not guarantee
functionality. Moreover it introduces a wonderfully hidden error
which can be live for years without causing trouble.




^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~1999-12-06  0:00 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1999-12-03  0:00 Use of C.Strings.Value Function Considered Harmful Anton Gibbs
1999-12-03  0:00 ` David C. Hoos, Sr.
1999-12-06  0:00   ` Anton Gibbs
1999-12-06  0:00     ` Lutz Donnerhacke

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox