Re: Just starting off in obj C
- Subject: Re: Just starting off in obj C
- From: Bill Bumgarner <email@hidden>
- Date: Sat, 25 Oct 2008 12:01:44 -0700
On Oct 25, 2008, at 5:02 AM, Chris Idou wrote:
> Ahh yes, but format specifications are not part of the language,
> they are part of the library, and thus it's not really part of the
> compiler's job to check them. That some compilers do check them is
> quite an ugly hack, rather than a defence of the language. It's
> putting a special case in the compiler, that the compiler can't
> check as a general case. If one was designing a safe language then
> variable argument functions would be able to report how many
> arguments were passed to it without resort to nil terminators,
> format strings and other brittle mechanisms.

Actually, the C standard encompasses both the C language and the C
runtime library, libC. libC includes printf style formatting
functions and, as such, the spec contains very exact descriptions of
the formatting string behavior therein.
See:
http://www.open-std.org/JTC1/SC22/WG14/www/standards
More specifically:
http://www.open-std.org/JTC1/SC22/WG14/www/docs/n1124.pdf
Thus, a compiler that implements the C99 standard in its entirety
should very much perform full-on type checking of the arguments to
printf() based on the contents of the format string (when, of course,
said formatting string is actually a static string).
Foundation's and CoreFoundation's formatted string support is, of
course, not a part of the specification and implements behaviors quite
a bit different than printf(). To further complicate matters, the
formatting string, while static, is often an object in and of
itself. Then there is the whole localization support issue.

>> As for brittleness, yup -- C *can* be brittle if you abuse typecasting
>> and ignore compiler warnings.
>
> I have to disagree, C is by its nature fairly brittle. Uninitialized
> pointers, buffer overruns, untyped pointers, varargs functions,
> memory management... there's a lot of ways to blow up a program that
> can't happen in other languages.

Sure -- the C runtime is brittle in the ways you mentioned and thank
goodness tools like the Clang static analyzer and Valgrind are
providing means of finding and eliminating such bugs.
That wasn't the point, though. At compilation time, the C language is
relatively non-brittle. By ensuring most of the warnings provided by
the compiler are enabled, that your code compiles without warnings,
and that you aren't doing various rather dangerous casting operations,
the compile time brittleness of C is greatly mitigated.
b.bum
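
The format-string and nil-terminator checks discussed in this message can be extended to a program's own variadic functions with GCC and Clang attributes. The following is an added example, not code from this thread; the names log_format, count_names and log_untrusted are hypothetical.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical wrapper: the format attribute tells GCC and Clang that
 * argument 3 is a printf-style format and the values to check start at
 * argument 4, so the printf warnings also cover calls to this function. */
__attribute__((format(printf, 3, 4)))
int log_format(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, cap, fmt, ap);  /* bounded; NUL-terminated if cap > 0 */
    va_end(ap);
    return n;  /* length the full output needs, or negative on error */
}

/* Hypothetical NULL-terminated list: the callee cannot learn the count, so
 * the sentinel attribute makes the compiler warn when a call omits NULL. */
__attribute__((sentinel))
size_t count_names(const char *first, ...)
{
    size_t n = 0;
    va_list ap;
    va_start(ap, first);
    for (const char *s = first; s != NULL; s = va_arg(ap, const char *))
        n++;
    va_end(ap);
    return n;
}

/* Text from outside the program is passed as data under a literal "%s",
 * never as the format itself, so conversions inside it are not interpreted. */
int log_untrusted(char *out, size_t cap, const char *text)
{
    return log_format(out, cap, "%s", text);
}

int main(void)
{
    char buf[64];
    /* log_format(buf, sizeof buf, "%s", 42);    warning: int passed for %s  */
    /* log_format(buf, sizeof buf, "%d %d", 1);  warning: missing argument   */
    /* count_names("a", "b");                    warning: missing sentinel   */
    log_untrusted(buf, sizeof buf, "100%s done %n");  /* constructed input */
    printf("%s (%zu names)\n", buf, count_names("a", "b", NULL));
    return 0;
}
```

Compile with `-Wall` (which enables `-Wformat`) and uncomment the three marked calls to see the diagnostics; `-Wformat-security` additionally flags a call whose format is not a string literal and has no arguments.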