G
Grumble
As far as I can tell, strdup() is neither in C89 nor in C99.
Is that correct?
<OT>Is it in POSIX perhaps?</OT>
Is that correct?
<OT>Is it in POSIX perhaps?</OT>
Grumble said:As far as I can tell, strdup() is neither in C89 nor in C99.
Is that correct?
Yes.
<OT>Is it in POSIX perhaps?</OT>
As far as I can tell, strdup() is neither in C89 nor in C99.
Is that correct?
<OT>Is it in POSIX perhaps?</OT>
Grumble said:As far as I can tell, strdup() is neither in C89 nor in C99.
Is that correct?
<OT>Is it in POSIX perhaps?</OT>
Grumble said:As far as I can tell, strdup() is neither in C89 nor in C99.
Is that correct?
<OT>Is it in POSIX perhaps?</OT>
char *p = dupstr(str);
if (p == NULL) {
perror("dupstr failed");
/* handle error */
}
If you really wish to keep the null pointer check, it is more useful to
set errno accordingly;
if (s == NULL) {
errno = EINVAL;
return NULL;
} else if ((p = malloc(n = strlen(s) + 1)) == NULL) {
return NULL;
}
Tor said:Normally, a "mean and lean" attitude is sufficient. Why keep
on going -- if there isn't going to be done any recovery of
malloc failures anyway?
on going -- if there isn't going to be done any recovery of
malloc failures anyway?
Normally, a "mean and lean" attitude is sufficient. Why keep
on going -- if there isn't going to be done any recovery of
malloc failures anyway?
Gordon Burditt said:I hope you don't design airplanes, nuclear power plants,
weapons systems, or firmware for automobile engines
Tor said:My point was, without any error-recovery logic elsewhere,
then it's simpler to die at the point-of-failure.
/*
char* dupnstr (const char *s,size_t n)
Works like dupstr() but it only copies the
first n characters.
A terminating '\0' is *always* added.
*/
char* dupnstr (const char *s,size_t n)
{
char *p;
assert(s != NULL);
p = malloc(n+1);
if (p) {
p=strncpy(p,s,n);
p[n]='\0';
}
return p;
}
Nils said:CBFalconer wrote:
.... snip ...
I would argue that your version is inferior because it masks the bug of
passing a null pointer to dupstr(), and there is no convenient way to
distinguish between this bug and failure to allocate memory. How is the
caller supposed to put your check to good use? Although the standard
does not say anything about errno being set to an appropriate error code
when malloc() fails, the ``Quality of Implementation'' factor is usually
such that malloc() does this. Therefore, callers of this function may
reasonably wish to rely on a meaningful errno value in order to diagnose
the error as ``dupstr() failed becaue of ...'' rather than ``dupstr()
failed for an unknown reason'':
Default User said:I disagree. This is intended to be a library function, so it should not
be killing the application. The fact that the code as currently written
doesn't have error-checking does not justify removing any possibility
of doing so.
Michael said:IMO, this is infelicitous. If n > strlen(s), you're wasting memory
and cycles [...]
If the intent of the
function is to always allocate n+1 bytes, fine, but that's not what
the description says.
I'm not the inventor of strndup, I only tried to provide a portableOf course, this also falls afoul of Richard Heathfield's objection to
strncpy / strncat: it's only useful if you don't mind silently
truncating the copy. If you need to know whether truncation
occurred, you might as well just check the source length first. And
most well-behaved programs will need to know whether truncation
occurred (or would occur).
Tor Rustad said:Have done safety-critical engineering for many years, still do.
Rule 118 (required):
"Dynamic heap memory allocation shall not be used"
Reference: MISRA C, April 1998
My point was, without any error-recovery logic elsewhere,
then it's simpler to die at the point-of-failure.
Whoever wrote this rule does not understand the perversity of human
nature. What's to stop me from declaring a humungous static array, and
getting my dynamic memory from it? Well-checked dynamic allocation is
perfectly safe; this rule should read more like "All dynamic memory
allocation shall be checked, and appropriate measures taken on failure".
Note also the absence of the word "heap".
That's not an argument for dying in a malloc() wrapper, that's an
argument for more error recovery elsewhere.
Richard
Whoever wrote this rule does not understand the perversity of human
nature. What's to stop me from declaring a humungous static array, and
getting my dynamic memory from it?
Well-checked dynamic allocation is
perfectly safe; this rule should read more like "All dynamic memory
allocation shall be checked, and appropriate measures taken on failure".
Note also the absence of the word "heap".
That's not an argument for dying in a malloc() wrapper, that's an
argument for more error recovery elsewhere.
Peter said:Groovy hepcat Chris Croughton was jivin' on Tue, 22 Mar 2005 11:55:03
+0000 in comp.lang.c.
Re: strdup()'s a cool scene! Dig it!
Yes, if you want to have nasal demons for tea. Identifiers with
external linkage beginning with str and a lower case letter are
reserved.
Oh Peter, you're such an old woman. Surely defining strdup() will get
you in trouble only if it already exists, in which case you don't need
to define it yourself.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.