From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,8623fab5750cd6aa
X-Google-Attributes: gid103376,public
Newsgroups: comp.lang.ada
Subject: Re: Ada BIND was: Improving Ada's image - Was: 7E7 Flight Controls
 Electronics
References: <AN7zc.23810$wi2.16596@nwrdny01.gnilink.net>
 <mailman.108.1087258143.391.comp.lang.ada@ada-france.org>
From: Brian May <bam@snoopy.apana.org.au>
X-Home-Page: http://snoopy.apana.org.au/~bam/
Date: Tue, 15 Jun 2004 12:40:46 +1000
Message-ID: <sa4isdttufl.fsf@snoopy.apana.org.au>
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)
Cancel-Lock: sha1:TycyZIVTQbWlzzCDMKo6jSausJU=
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
NNTP-Posting-Host: dsl-202-173-153-89.vic.westnet.com.au
X-Trace: news.melbourne.pipenetworks.com 1087267246 202.173.153.89 (15 Jun
 2004 12:40:46 +1000)
X-Complaints-To: abuse@pipenetworks.com
X-Abuse-Info: Please forward all headers to enable your complaint to be
 properly processed.
Path: 
 g2news1.google.com!news2.google.com!news.maxwell.syr.edu!news.mel.connect.com.au!news.melbourne.pipenetworks.com!not-for-mail
Xref: g2news1.google.com comp.lang.ada:1491
Date: 2004-06-15T12:40:46+10:00
List-Id: <comp.lang.ada>

>>>>> "Alexander" == Alexander E Kopilovich <aek@VB1162.spb.edu> writes:

    Alexander> Well, for C, that is for fread and fgets I would say
    Alexander> that although these functions indeed have maximum
    Alexander> amount of bytes to be read onto a buffer as a
    Alexander> parameter, but:

    Alexander> 1) this maximum, if not computed from "preliminary
    Alexander> read", is usually set manually, it does not computed
    Alexander> automatically from the length of the buffer used in
    Alexander> that fread/fgets; therefore there is an obsvious
    Alexander> possibility of programmer's mistake, which will not be
    Alexander> noticed by compiler;

...not to mention older functions that don't support a string length
(eg. sprintf). Some have better versions (eg. snprintf or asprintf),
but such functions are often non-standard and non-portable extensions.

    Alexander> 2) sometimes there is no reasonable estimate for
    Alexander> *guaranteed* maximum of a string to be read, and
    Alexander> therefore the length of the string can be greater than
    Alexander> already allocated buffer; reading a string in chunks
    Alexander> can be inconvenient for some reasons, and thus that
    Alexander> double reading (first pass for determining the length
    Alexander> of string, then allocating the buffer, and then second
    Alexander> pass with filling the buffer).

Perhaps I am showing my ignorance, but do you read a string of
undefined length into an Ada program?

Isn't setting a maximum length of a string a good thing? eg. I don't
want my network daemon to try and allocate 1 gigabyte of memory just
because somebody sends it a line 1 gigabyte long, when the expected
maximum length was 80 bytes. This could be a security issue in itself
(Denial-of-service attack).

However, allocating lots of memory just in case the worst case
scenario occurs does sound wasteful to me, and perhaps this is what
you mean.
-- 
Brian May <bam@snoopy.apana.org.au>