Array bounds checking with C????
Gary Duzan
gdtltr at freezer.it.udel.edu
Fri Aug 31 15:38:13 AEST 1990
In article <988 at christopher-robin.cs.bham.ac.uk> cjr at christopher-robin.UUCP (Chris Ridd <RiddCJ>) writes:
=>In article <26196 at mimsy.umd.edu> chris at mimsy.umd.edu (Chris Torek) writes:
=>>In article <7611 at ucdavis.ucdavis.edu> kuan at iris.ucdavis.edu
=>>(Frank [Who me?] Kuan) writes:
=>>>Why is it that most C compilers don't seem to [check array bounds]?
=>>
=>>Mostly because it is hard. Given `int *p', is `p[-1] = 3' valid?
=>>That depends on the value of p....
=>>
=>>There is a company called Saber that produces a product called
=>>Saber-C that does this and more. It works quite well, although last
=>>I had heard it still objected to `&arr[sizeof arr/sizeof *arr]',
=>>which is Officially Legal. (Fortunately you can turn off each
=>>individual objection.)
=>
=> Why is this? I never could figure out why accessing the first
=>element *past* the end of an array should be legal.
=>
Correct me if I am wrong, but I don't believe accessing the element after
is legal, but the pointer is still legal. In other words:

    int x, foo[foolen], *fooptr;

    x = foo[foolen];        /* Illegal */
    fooptr = foo + foolen;  /* Legal, points one int past end of foo */
    x = *fooptr;            /* Illegal */
    --fooptr;               /* Legal, points to last element of foo */

Gary Duzan
Time Lord
Third Regeneration
--
gdtltr at freezer.it.udel.edu
_o_ -------------------------- _o_
[|o o|] If you can square, round, or cube a number, why not sphere it? [|o o|]
|_O_| "Don't listen to me; I never do." -- Doctor Who |_O_|
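
The distinction drawn in the post above, together with the quoted point that the validity of `p[-1]` depends on the value of p, as an added example that is not part of the original post or of any product named in the thread. The `cptr` type and its functions are hypothetical names: a pointer that carries its array's bounds, so forming one-past-the-end is accepted while dereferencing it is rejected.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical checked pointer: remembers the array it was derived from. */
typedef struct {
    int   *base;  /* first element of the underlying array */
    size_t len;   /* element count */
    size_t pos;   /* current offset in [0, len]; len means one past the end */
} cptr;

cptr cptr_make(int *arr, size_t len) {
    cptr p = { arr, len, 0 };
    return p;
}

/* Pointer arithmetic: any offset in [0, len] may be formed, including one
 * past the end. Returns 0 on success, -1 (pointer unchanged) otherwise. */
int cptr_move(cptr *p, ptrdiff_t delta) {
    if (delta < 0) {
        size_t back = (size_t)0 - (size_t)delta;  /* magnitude, no overflow */
        if (back > p->pos) return -1;
        p->pos -= back;
    } else {
        if ((size_t)delta > p->len - p->pos) return -1;
        p->pos += (size_t)delta;
    }
    return 0;
}

/* Resolve p[i] to an element address; NULL unless it lies in [0, len). */
int *cptr_at(const cptr *p, ptrdiff_t i) {
    cptr q = *p;
    if (cptr_move(&q, i) != 0 || q.pos == q.len) return NULL;
    return q.base + q.pos;
}

int main(void) {
    int foo[4] = { 10, 20, 30, 40 };   /* constructed sample data */
    cptr p = cptr_make(foo, 4);
    printf("p[-1] at start:      %s\n", cptr_at(&p, -1) ? "ok" : "rejected");
    printf("form foo+4:          %s\n", cptr_move(&p, 4) == 0 ? "ok" : "rejected");
    printf("*(foo+4):            %s\n", cptr_at(&p, 0) ? "ok" : "rejected");
    printf("p[-1] at foo+4:      %s\n", cptr_at(&p, -1) ? "ok" : "rejected");
    printf("form foo+5:          %s\n", cptr_move(&p, 1) == 0 ? "ok" : "rejected");
    return 0;
}
```

The same `p[-1]` is rejected at the start of the array and accepted at `foo+4`, which is why a checker needs the bounds and not just the pointer value.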