SDS
Cppcheck
| | SDS | Cppcheck |
|---|---|---|
| Mentions | 48 | 11 |
| Stars | 4,773 | 5,448 |
| Growth | - | - |
| Activity | 0.0 | 9.9 |
| Latest commit | 6 months ago | 1 day ago |
| Language | C | C++ |
| License | BSD 2-clause "Simplified" License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SDS
- Strlcpy and strlcat added to glibc 2.38
Let me reframe this. What we're saying to do is stop using C string manipulation such as strcat, strcpy, etc. Particularly, I'm saying simply don't use C-style null terminated strings until you actually go to call a C ABI interface where it is necessary.
The argument against this is that you might call something that already does this. Yes, sure, that IS true, but what this betrays is the fact that you have to deal with that regardless of whether or not you add additional error-prone C string manipulation code on top of having to worry about memory ownership, mutation, etc. when passing blobs of memory to "untrusted" APIs.
It's not about passing the buck. Passing a blob of memory to an API that might do horrible things not defined by an API contract is not safe if you do strcat to construct the string or you clone it out of an std::string or you marshal it from Go or Rust. It's about not creating a bigger mess than you already have.
Okay fine, but what if someone hates C++ and Rust and Go and Zig? No problem. There are a slew of options for C that can all handle safer, less error-prone string manipulation, including interoperability with null-terminated C strings. Like this one used in Redis:
https://github.com/antirez/sds
And on top of everything else, it's quite ergonomic, so it seems silly to not consider it.
This entire line of thinking deeply reminds me of Technology Connections' video The LED Traffic Light and the Danger of "But Sometimes!".
https://youtube.com/watch?v=GiYO1TObNz8
I think hypothetically you can construct some scenarios where not using C strings for string manipulation requires more care, but justifying error prone C string manipulation with "well, I might call something that might do something unreasonable" as if that isn't still your problem regardless of how you get there makes zero sense to me.
And besides, these hypothetical incorrect APIs would crash horrifically on the DS9K anyways.
- Safest way to copy a string?
Even better, use a string handling library. Personally I am a big fan of [sds](https://github.com/antirez/sds) from the Redis creator. It's not even a dependency; you can just copy the .c and .h to your project.
- New C features in GCC 13
One nice application is length-prefixed string literals to complement dynamic string libraries:
- Strlcpy and Strlcat – Consistent, Safe, String Copy and Concatenation (1999) [pdf]
The better answer would be to add data types like SDS[0] to the standard library, and use them as ADTs (Abstract Data Types) [1].
Unfortunately WG14 has proven in 30 years of existence that it isn't something that they care to fix, and while 3rd party solutions exist, without vocabulary types in the standard library adoption will never take off.
[0] - https://github.com/antirez/sds
[1] - https://en.wikipedia.org/wiki/Abstract_data_type
- C Strings and my slow descent to madness
With the woes of string.h being known, why not just use an alternative like https://github.com/antirez/sds ?
I’ve also been having a blast with C because writing C feels like being a god! But the biggest thing that I like about C is that the world is sort of written on it!
Just yesterday I needed to parse a JSON… found a bunch of libraries that do that and just picked one that I liked the API.
- How can I know for sure that I am allocating enough memory?
Please note that the discussion started with a requirement for no dynamic allocation in critical code, which virtually eliminates std::string. I agree that std::string code tends to be simpler, but the main reason is that the standard C library sucks on strings. There are better alternatives like sds but they are ... not standard.
- str_header.h - A single header C string library
Another day, another post about writing a bespoke string lib instead of using SDS
- C_dictionary: A simple dynamically typed and sized hashmap in C - feedback welcome
d) everything being a macro seems overkill for me (and possibly dangerous, see b)). Maybe implement more as static inline functions, see the sds header: https://github.com/antirez/sds/blob/master/sds.h (which does a similar thing with the header struct).
- Updated book to learn C
For example, you can use the C language with sds strings (see https://github.com/antirez/sds) if you want to have an easier time with string formatting and don't want to worry about using the famously unsafe string.h functions correctly. You'll still program in ISO C, but just not in the standard library. The same applies to pretty much all parts of the standard library, the only part unsurpassed is pretty much just printf and the math headers (math.h, fenv.h, tgmath.h, complex.h) imo, and the occasional call to exit. A good place to look for libraries if you want to go that route is the awesome-c collection: https://github.com/oz123/awesome-c
- Convenient Containers: A usability-oriented generic container library
One way around this problem is to declare the container as a pointer to the element type and then store the container’s metadata, alongside its elements, in the heap block to which the pointer points. This approach is already used for dynamic arrays in several container libraries, most notably stb_ds and sds. They place the metadata before the elements and provide the user with a pointer to the elements themselves (this has the nice effect that users can use the [] operator to access elements).
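The header-before-elements layout this comment describes, combined with the length-aware, no-fixed-buffer concatenation argued for in the glibc strlcpy thread above, in a minimal form. This is an added example, not code from the sds library or from any of the commenters; the type and function names (dstr, dstr_hdr, dstr_new_len, dstr_cat_len, make_address) are this example's own, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Metadata stored immediately before the character data (the layout idea
 * from sds; the field names here are this example's own). */
typedef struct {
    size_t len;   /* bytes in use, not counting the trailing NUL */
    size_t cap;   /* bytes available for data, not counting the trailing NUL */
    char   buf[]; /* the pointer handed to the user points here */
} dstr_hdr;

/* A dstr is a plain char *, so it can be passed unchanged to any C API
 * that expects a NUL-terminated string, and s[i] indexing just works. */
typedef char *dstr;

/* Recover the header from the user-visible pointer. */
static dstr_hdr *dstr_header(const dstr s) {
    return (dstr_hdr *)(s - offsetof(dstr_hdr, buf));
}

/* Create a string from an arbitrary byte range; embedded NULs are allowed
 * because the length lives in the header, not in a terminator search. */
dstr dstr_new_len(const void *init, size_t len) {
    dstr_hdr *h = malloc(sizeof *h + len + 1);
    if (!h) return NULL;
    h->len = len;
    h->cap = len;
    if (len) memcpy(h->buf, init, len);
    h->buf[len] = '\0'; /* always terminated, for C ABI interop */
    return h->buf;
}

dstr dstr_new(const char *cstr) { return dstr_new_len(cstr, strlen(cstr)); }

size_t dstr_len(const dstr s) { return dstr_header(s)->len; } /* O(1) */
size_t dstr_cap(const dstr s) { return dstr_header(s)->cap; }

void dstr_free(dstr s) { if (s) free(dstr_header(s)); }

/* Append n bytes, growing the block when needed. Returns the (possibly
 * moved) string, or NULL on failure, in which case s is still valid and
 * still owned by the caller. Callers must use the returned pointer. */
dstr dstr_cat_len(dstr s, const void *t, size_t n) {
    dstr_hdr *h = dstr_header(s);
    if (h->cap - h->len < n) {
        /* Refuse absurd sizes instead of overflowing the size arithmetic. */
        if (h->len > SIZE_MAX / 4 || n > SIZE_MAX / 4 - h->len) return NULL;
        size_t newcap = (h->len + n) * 2; /* amortised doubling */
        dstr_hdr *nh = realloc(h, sizeof *nh + newcap + 1);
        if (!nh) return NULL;
        h = nh;
        h->cap = newcap;
    }
    memcpy(h->buf + h->len, t, n);
    h->len += n;
    h->buf[h->len] = '\0';
    return h->buf;
}

dstr dstr_cat(dstr s, const char *t) { return dstr_cat_len(s, t, strlen(t)); }

/* Build "<user>@<host>" from inputs of unknown length: no fixed-size
 * destination buffer exists, so there is nothing to overrun. */
dstr make_address(const char *user, const char *host) {
    dstr s = dstr_new(user), t;
    if (!s) return NULL;
    if ((t = dstr_cat(s, "@")) == NULL) { dstr_free(s); return NULL; }
    s = t;
    if ((t = dstr_cat(s, host)) == NULL) { dstr_free(s); return NULL; }
    return t;
}

int main(void) {
    dstr a = make_address("alice", "example.org"); /* constructed sample input */
    if (!a) return 1;
    /* Handed to printf as an ordinary char *; the header stays hidden. */
    printf("%s (len=%zu cap=%zu)\n", a, dstr_len(a), dstr_cap(a));
    dstr b = dstr_new_len("ab\0cd", 5); /* embedded NUL: strlen sees only "ab" */
    if (b) printf("strlen=%zu dstr_len=%zu\n", strlen(b), dstr_len(b));
    dstr_free(a);
    dstr_free(b);
    return 0;
}
```

Because the header sits before the data, dstr_len is a constant-time load rather than a scan, and the string survives embedded NULs; the price is that every growing operation may move the block, so the returned pointer must always be assigned back, exactly as with realloc.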
Cppcheck
- Configuring Cppcheck, Cpplint, and JSON Lint
I dedicated Sunday morning to going over the documentation of the linters we use in the project. The goal was to understand all options and use them in the best way for our project. Seeing their manuals side by side was nice because even very similar things are solved differently. Cppcheck is the most configurable and best documented; JSON Lint lies at the other end.
- Cppcheck/Releasenotes.txt
- Enforcing Memory Safety?
Using infer, someone else exploited null-dereference checks to introduce simple affine types in C++. Cppcheck also checks for null-dereferences. Unfortunately, that approach means that borrow-counting references have a larger sizeof than non-borrow counting references, so optimizing the count away potentially changes the semantics of a program which introduces a whole new way of writing subtly wrong code.
- Check out my tasks.json for C++ of VScode
Also check out [cppcheck](https://github.com/danmar/cppcheck) if you want more static analysis
- What are the must-have tools for any C++ developer?
My browser refuses to open that link. This is better: https://github.com/danmar/cppcheck
- Awesome Penetration Testing
cppcheck - Extensible C/C++ static analyzer focused on finding bugs.
- C/C++ pre-commit hooks for static analyzers and linters
and five C/C++ static code analyzers:
* clang-tidy
* oclint
* cppcheck
* cpplint (recently added!)
* include-what-you-use (recently added!)
- Caught signal 11 (SIGSEGV) and signal 6 (SIGABRT)
Start by feeding your codebase to a static analysis tool like cppcheck, to rule out obvious bound-checking mistakes in it.
- How to detect stack corruption in embedded c??
- Why static analysis on C projects is not widespread already?
Cppcheck is free. I've previously used it with a C++ project.
What are some alternatives?
Better String - The Better String Library
cpplint - Static code checker for C++
Experimental Boost.MSM-lite - Boost.SML (formerly called Boost.MSM-lite)
gcc-poison - gcc-poison
libcpuid - a small C library for x86 CPU detection and feature extraction
stb - stb single-file public domain libraries for C/C++
ZXing - ZXing ("Zebra Crossing") barcode scanning library for Java, Android
cmake-lint - Fork of https://github.com/richq/cmake-lint to continue maintenance
safestringlib
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
c-smart-pointers - Smart pointers for the (GNU) C programming language