Is there a truly safe C formatting library?

Posted 2024-07-19 05:01:22 | Words: 543 | Views: 2 | Comments: 0

Bearing in mind the answers given to a question about a safer formatting library for C, I'm wondering whether there is a safe C formatting library?

What I mean is:

  • there's no possibility to mismatch the format string from the arguments
  • there's no possibility to crash by passing the wrong type
  • there are no platform-dependent aspects

Please don't answer about the Microsoft Safe String Library, or libraries that are less unsafe but still not totally safe, as I'm aware of these, and they don't satisfy the requirements for total safety.

Thanks in advance


Comments (3)

╭ゆ眷念 2024-07-26 05:01:22

You're writing in C. C is not type-safe. You cannot avoid undefined behaviour if you pass an int* instead of a char*. There's no such thing as "there's no possibility" if your variables are not statically type checked / tagged for runtime checking.

If you have something that produces warnings, that's quite good already...

If you really need or want safety, you may want to have a look at Cyclone (a C dialect), or some completely different languages.

水波映月 2024-07-26 05:01:22

there's no possibility to mismatch the format string from the arguments

If you want a format string, without special compiler support you basically can't do it. That said, you could have a safe formatting library in C if you forgo the format string. I'm not aware of any, but I would not be surprised if they existed.

One could have an interface like:

typedef ... FORMATTER;

FORMATTER create_formatter();
int fmt_add_string_default(FORMATTER f, const char *s);
int fmt_add_string(FORMATTER f, const char *s, int maxlength, const char fill, enum fmt_alignment align);
...
int fmt_add_decimal_default(FORMATTER f, int d);
... // you get the idea
int fmt_write_result(FORMATTER f, char *out, int out_length);
void destroy_formatter(FORMATTER f);

Something like this would be perfectly safe, if a bit verbose.
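An added worked example, not from the answer above or any existing library, of the format-string-free builder that answer sketches: every appender takes one concretely typed argument, so the compiler checks the call site and no conversion specifier can disagree with its argument, and every append is bounds-checked so an oversized input is clipped and reported rather than written past the buffer. The names `Formatter`, `fmt_init`, `fmt_add_string`, `fmt_add_decimal`, `fmt_write_result` and the 256-byte capacity are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed builder design, not a real library: a fixed buffer plus a
 * truncation flag. There is no format string, so a conversion cannot
 * disagree with its argument; each appender's parameter type is what
 * the compiler checks at the call site. */
#define FMT_CAP 256

typedef struct {
    char   buf[FMT_CAP];
    size_t len;
    int    truncated;
} Formatter;

void fmt_init(Formatter *f) { f->len = 0; f->truncated = 0; f->buf[0] = '\0'; }

/* Appends n bytes of s, clipping to the remaining room instead of
 * writing past the buffer; returns -1 once anything has been dropped. */
static int fmt_append(Formatter *f, const char *s, size_t n) {
    size_t room = FMT_CAP - 1 - f->len;
    if (n > room) { f->truncated = 1; n = room; }
    memcpy(f->buf + f->len, s, n);
    f->len += n;
    f->buf[f->len] = '\0';
    return f->truncated ? -1 : 0;
}

/* Typed appenders: a NULL string is rendered as text, never dereferenced. */
int fmt_add_string(Formatter *f, const char *s) {
    const char *p = s ? s : "(null)";
    return fmt_append(f, p, strlen(p));
}
int fmt_add_decimal(Formatter *f, long d) {
    char tmp[32];                                 /* 21 bytes suffice for 64-bit */
    int n = snprintf(tmp, sizeof tmp, "%ld", d);  /* literal format, one fixed type */
    return fmt_append(f, tmp, (size_t)n);
}

/* Copies the result into the caller's buffer, always NUL-terminated even
 * when out_len is too small; returns the full length so clipping is detectable. */
size_t fmt_write_result(const Formatter *f, char *out, size_t out_len) {
    if (out_len == 0) return f->len;
    size_t n = f->len < out_len ? f->len : out_len - 1;
    memcpy(out, f->buf, n);
    out[n] = '\0';
    return f->len;
}
```

A caller that compares the returned length with its own buffer size learns that output was clipped, which is the same information `snprintf` gives but without any format string to get wrong.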

孤独难免 2024-07-26 05:01:22

No, because whatever "safety" you introduce can be suborned by the language. It's like building your castle on sand: it doesn't matter how good the castle is, it can still be made to fall if you dig out the sand from underneath it.

There is no mechanism in C to enforce specific parameter types, nor should there be.

If people don't use your tools as they're meant to, that's their own problem, in my opinion. You're not supposed to be providing software to three-year-olds; they're expected to have some modicum of intelligence.
