这是不好的编码习惯吗?

发布于 2024-10-10 11:16:55 字数 629 浏览 5 评论 0原文

我正在使用 PC-lint 来分析我的代码,这些行产生了几个错误。这让我想知道我的编码实践是否错误?

char *start;
char *end;

// Extract the phone number
start = (char*) (strchr(data, '\"') +1);
end = (char*) strchr(start, '\"');
*end = 0;
strlcpy((char*)Fp_smsSender, start , start-(end-1));

编辑: 经过你的帮助,我现在有了:

char *start;
char *end;

if (data != NULL)
{
  // Extract the phone number
  start = strchr(data, '\"');
  if (start != NULL)
  {
    ++start;
    end = strchr(start, '\"');

    if (end != NULL)
    {
      *end = 0;
      strlcpy((char*)Fp_smsSender, start , FP_MAX_PHONE);
    }
  }

看起来怎么样?

I'm using PC-lint to analyze my code and theese lines are generating several errors. That makes me wonder if my coding pratice is wrong?

char *start;
char *end;

// Extract the phone number
start = (char*) (strchr(data, '\"') +1);
end = (char*) strchr(start, '\"');
*end = 0;
strlcpy((char*)Fp_smsSender, start , start-(end-1));

EDIT:
After your help i now have:

char *start;
char *end;

if (data != NULL)
{
  // Extract the phone number
  start = strchr(data, '\"');
  if (start != NULL)
  {
    ++start;
    end = strchr(start, '\"');

    if (end != NULL)
    {
      *end = 0;
      strlcpy((char*)Fp_smsSender, start , FP_MAX_PHONE);
    }
  }

How does that look?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

你与清晨阳光 2024-10-17 11:16:55

有两件事:首先,您不处理 strchr 的 NULL 返回。

其次(更严重的是),您传递给 strlcpy 的长度是错误的:您需要 end - start 或类似的东西(您已经颠倒了),但更根本的是, strlcpy 的长度参数应该是目标缓冲区的大小,而不是源字符串。

Two things: first you don't handle NULL returns from strchr.

Second (and more seriously), the length you pass to strlcpy is wrong: you would want end - start or something similar (you have that reversed), but more fundamentally, the length argument to strlcpy should be the size of the destination buffer, not the source string.

小巷里的女流氓 2024-10-17 11:16:55

我想 lint 抱怨的是 strchr() 可能会返回 NULL 指针,而您在执行指针算术并取消引用它之前没有检查它。

您可能想做类似的事情:

char *start;
char *end;

// Extract the phone number
start = strchr(data, '\"');
if (!start) handle_error();

++start; // skip the '\"'
end = strchr(start, '\"');
if (!end) handle_error();

*end = 0; 
strlcpy((char*)Fp_smsSender, start, size_of_Fp_smsSender_buffer);

请注意,我更改了 strlcpy() 调用的最后一个参数 - 该参数的用途是指定目标缓冲区的大小,这样就不会溢出它。你传递的值根本没有意义,lint 也可能抱怨这一点。您可能指的是 end-(start-1),它可能更简单地表述为 strlen(start)+1

无论如何,即使将 strlen(start)+1 作为最后一个参数传递给 strlcpy() 也会违反参数的意图,并删除安全 strlcpy() 应该提供。您不妨简单地使用 strcpy(Fp_smsSender,start) - 如果您不知道 Fp_smsSender 目标缓冲区有多大,您应该这样做(或者修复一些问题,这样你就知道缓冲区有多大)。代码实际上在做什么会更清楚。

I imagine that what lint is complaining about is that strchr() might return a NULL pointer, and you're not checking for that before performing pointer arithmetic and dereferencing it.

You might want to do something like:

char *start;
char *end;

// Extract the phone number
start = strchr(data, '\"');
if (!start) handle_error();

++start; // skip the '\"'
end = strchr(start, '\"');
if (!end) handle_error();

*end = 0; 
strlcpy((char*)Fp_smsSender, start, size_of_Fp_smsSender_buffer);

Note that I changed the last parameter to the strlcpy() call - what that parameter is for is to specify the size of the destination buffer so you don't overrun it. The value you're passing makes no sense at all, and lint probably complained about that too. You probably meant end-(start-1) which might be more simply stated as strlen(start)+1.

Anyway, even passing in strlen(start)+1 as the last parameter to strlcpy() violates the intent of the parameter, and removes the safety strlcpy() is supposed to provide. You might as well have simply used strcpy(Fp_smsSender,start) - and if you don't know how big the Fp_smsSender destination buffer is, you should do exactly that (or fix things so you do know how big the buffer is). It'll be more clear what the code is actually doing.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文