Array bounds checking with C????

Don Libes libes at cme.nist.gov
Mon Aug 27 10:17:26 AEST 1990


In article <26196 at mimsy.umd.edu> chris at mimsy.umd.edu (Chris Torek) writes:
>In article <7611 at ucdavis.ucdavis.edu> kuan at iris.ucdavis.edu
>(Frank [Who me?] Kuan) writes:
>>Why is it that most C compilers don't seem to [check array bounds]?
>
>Mostly because it is hard.  Given `int *p', is `p[-1] = 3' valid?
>That depends on the value of p....
>
>There is a company called Saber that produces a product called
>Saber-C that does this and more.  It works quite well, although last
>I had heard it still objected to `&arr[sizeof arr/sizeof *arr]',
>which is Officially Legal.  (Fortunately you can turn off each
>individual objection.)

Saber objects to a lot of things that are legal, but then, so does
lint.  And in most cases, it makes sense to use one of their
directives to explicitly disable the objection.

Saber complains about some things that I think it shouldn't to begin
with, but again so does lint.

I highly recommend Saber.  I don't use it all the time - we have a
limited number of licenses here - but when lint and the debugger fail
me, I pull out Saber.  It's pretty damn useful.

Don Libes          libes at cme.nist.gov      ...!uunet!cme-durer!libes
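
Added example, not part of either post and not Saber-C's mechanism: a sketch of the two points quoted above, that whether `p[-1] = 3` is valid depends on where p points, and that forming `&arr[sizeof arr/sizeof *arr]` is legal while accessing that element is not. The `checked_ptr` struct and its functions are hypothetical names; the assumption is that a checker must carry the array's bounds alongside the pointer, since a plain `int *` does not.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical "fat pointer": raw pointer plus the bounds of its array. */
struct checked_ptr {
    int *base;   /* first element of the underlying array */
    size_t len;  /* number of elements */
    int *p;      /* current position, base <= p <= base + len */
};

/* May p[i] be read or written? Only if it lands on a real element. */
int can_access(const struct checked_ptr *cp, ptrdiff_t i)
{
    ptrdiff_t pos = (cp->p - cp->base) + i;
    return pos >= 0 && (size_t)pos < cp->len;
}

/* May &p[i] be formed? One past the end is allowed; accessing it is not. */
int can_form_address(const struct checked_ptr *cp, ptrdiff_t i)
{
    ptrdiff_t pos = (cp->p - cp->base) + i;
    return pos >= 0 && (size_t)pos <= cp->len;
}

/* Checked store: returns 0 on success, -1 if the index is out of bounds. */
int checked_store(struct checked_ptr *cp, ptrdiff_t i, int value)
{
    if (!can_access(cp, i))
        return -1;
    cp->p[i] = value;
    return 0;
}

int main(void)
{
    int arr[4] = {0, 0, 0, 0};            /* constructed sample array */
    size_t n = sizeof arr / sizeof *arr;
    struct checked_ptr at_start = { arr, n, arr };
    struct checked_ptr in_middle = { arr, n, &arr[2] };
    printf("p = arr,     p[-1] = 3: %s\n",
           checked_store(&at_start, -1, 3) == 0 ? "ok" : "rejected");
    printf("p = &arr[2], p[-1] = 3: %s\n",
           checked_store(&in_middle, -1, 3) == 0 ? "ok" : "rejected");
    printf("&arr[n] formable: %d, arr[n] accessible: %d\n",
           can_form_address(&at_start, (ptrdiff_t)n),
           can_access(&at_start, (ptrdiff_t)n));
    return 0;
}
```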


