SlideShare a Scribd company logo

Big Brother helps you understand CString issues

P
PVS-Studio

The author discusses how compilers go to great lengths to make poorly written C/C++ code work as intended, despite issues like passing non-POD types like std::string to variable argument functions. He provides examples of code that shouldn't work but does, due to efforts by compiler developers. The author suspects compiler optimizations are sometimes designed to produce practical rather than theoretically correct behavior for simple programs. Overall the document praises the unseen work of compiler developers in supporting legacy code.

TechnologyEntertainment & Humor
1 of 6
Download to read offline
Big Brother helps you Author: Andrey Karpov Date: 13.07.2010 I was convinced one more time that programmers write programs absolutely carelessly, so that their programs work not because of their skill but due to chance and care of Microsoft or Intel compiler developers. Right it is they who really care and put crutches under our lop-sided programs when necessary. Further is a byte-rending story of the CString class and daughter of its, the Format function, for you to read. Pray, pray for compilers and their developers! They are spending so much effort to make our programs work despite many drawbacks and even errors. At the same time, their work is hard and invisible. They are noble knights of coding and guardian angels of us all. I knew that Microsoft has a department responsible for providing maximum compatibility of new versions of operating systems with old applications. Their base contains more than 10000 most popular obsolete programs that must work in new versions of Windows. It is these efforts thanks to which I managed recently to play Heroes of Might and Magic II (a game of 1996) under 64-bit Windows Vista without problems. I think the game can be successfully launched under Windows 7 as well. Here are interesting notes by Alexey Pahunov on the topic (RU) of compatibility [1, 2, 3]. However, it seems that there are also other departments whose business is to help our horrible C/C++ code work and work on. But let me start this story from the very beginning. I am involved in development of the PVS-Studio tool intended for analysis of application source code. Quiet, friends this is not an ad. This time it is really a work of mercy since we have started to create a free of charge general-purpose static analyzer. It is far from an alpha-version but the work is going on and I will write a post about this analyzer some day. I started speaking about it because we have begun to collect the most interesting type errors and learn to diagnose them. Many errors are related to using ellipses in programs. Here is a theoretical reference: There are functions in definition of which it is impossible to specify the number and types of all the acceptable parameters. In this case the list of the formal parameters ends with an ellipsis (...) that means: and perhaps some more arguments". For instance: int printf(const char* ...); One of such unpleasant yet easily diagnosed errors is passing of an object of the class type instead of a pointer to a string into a function with a variable number of arguments. Here is an example of this error: wchar_t buf[100]; std::wstring ws(L"12345"); swprintf(buf, L"%s", ws);
This code will cause generation of total rubbish in the buffer or a program crash. Certainly in a real program, the code will be more complicated, so please do not write comments on my post telling me that the GCC compiler will check the arguments and warn you unlike Visual C++. Strings might be passed from resources or other functions and you will fail to check anything. But diagnosis is simple in this case a class object is passed into a function of string formation and it causes an error. The correct version of this code looks as follows: wchar_t buf[100]; std::wstring ws(L"12345"); swprintf(buf, L"%s", ws.c_str()); It is this reason that you might pass any thing into functions with a variable number of arguments why almost every book on C++ programming does not recommend to use them. Instead of these, they suggest to use safe mechanisms, for instance, boost::format. However, let these recommendations be, but there is very much code with various printfs, sprintfs, CString::Formats in the world and we will have to live with it for a long time. That is why we implemented a diagnostic rule to detect such dangerous constructs. Lets carry out theoretical investigations and see what is incorrect about the code above. Well, it is incorrect twice. 1. The argument does not correspond to the defined format. Since we define "%s", we must pass a pointer to the string into the function either. But in theory we may write our own sprintf function that will know that an object of the std::wstring class was passed to it and correctly print it. However, it is also impossible because of the second reason. 2. Only a POD-type can be an argument for the ellipsis "..." while std::string is not a POD-type. Theoretical reference on POD types: POD is abbreviation of "Plain Old Data". The following types refer to POD-types: 1. all predefined arithmetic types (including wchar_t and bool); 2. types defined with the enum key word; 3. pointers; 4. POD-structures (struct or class) and POD-unions which meet the following requirements: a. do not contain user constructors, destructors or copying assignment operator; b. do not have base classes; c. do not contain virtual functions; d. do not contain protected or private non-static data members; e. do not contain non-static data members of non-POD-types (or arrays of such types) and also references. Correspondingly, the std::wstring class does not refer to POD-types since it has constructors, base class and so on.
If you pass an object which is not a POD-type to an ellipsis, it causes an unexpected behavior. Thus, at least theoretically, we cannot in any way correctly pass an object of the std::wstring type as an ellipsis argument. The same thing must be with the Format function from the CString class. This is an incorrect version of the code: CString s; CString arg(L"OK"); s.Format(L"Test CString: %sn", arg); This is the correct version of the code: s.Format(L"Test CString: %sn", arg.GetString()); Or, as it is suggested in MSDN [4], we may use an explicit cast operator LPCTSTR implemented in the CString class to get a pointer to the string. Here is an example of correct code from MSDN: CString kindOfFruit = "bananas"; int howmany = 25; printf("You have %d %sn", howmany, (LPCTSTR)kindOfFruit); So, everything seems clear and transparent. It is also clear how to make a rule. We will detect misprints made when using functions with a variable number of arguments. We did this. And I was shocked by the result. It turned out that most developers never think of these issues and write code like the following one with a quiet conscience: class CRuleDesc { CString GetProtocol(); CString GetSrcIp(); CString GetDestIp(); CString GetSrcPort(); CString GetIpDesc(CString strIp); ... CString CRuleDesc::GetRuleDesc() { CString strDesc; strDesc.Format(
_T("%s all network traffic from <br>%s " "on %s<br>to %s on %s <br>for the %s"), GetAction(), GetSrcIp(), GetSrcPort(), GetDestIp(), GetDestPort(), GetProtocol()); return strDesc; } //--------------- CString strText; CString _strProcName(L""); ... strText.Format(_T("%s"), _strProcName); //--------------- CString m_strDriverDosName; CString m_strDriverName; ... m_strDriverDosName.Format( _T(".%s"), m_strDriverName); //--------------- CString __stdcall GetResString(UINT dwStringID); ... _stprintf(acBuf, _T("%s"), GetResString(IDS_SV_SERVERINFO)); //---------------
// I think you understand // that we may give you such examples endlessly. Some developers do think but then forget. That is why the code like this looks so touching: CString sAddr; CString m_sName; CString sTo = GetNick( hContact ); sAddr.Format(_T("%smailslot%s"), sTo, (LPCTSTR)m_sName); We collected so many such examples in projects we test our PVS-Studio on that I cannot understand how it all can be. And still everything works I was convinced in it after writing a test program and trying various ways of using CString. What is the reason? It seems to me that compiler developers could not stand anymore endless questions why Indian programs using CString do not work and accusations of the compiler being bad and unable to work with strings. So they secretly held a sacred rite of exorcism by driving out evil from CString. They made an impossible thing possible they implemented the CString class in such a crafty way that you may pass it to functions like printf and Format. It was done quite intricately and those who want to know how read the source code of the CStringT class and also the detailed discussion "Pass CString to printf?" [5]. I will not go into details and will stress only one important thing. Special implementation of CString is not enough since passing of a non- POD-type theoretically causes an unexpected behavior. So, the Visual C++ developers together with Intel C++ developers made it so that the unexpected behavior is always a correct result :) For correct program operation can well be a subset of an unexpected behavior. :) I also start thinking about some strange things in the compilers behavior when it builds 64-bit programs. I suspect that the compilers developers deliberately make the programs behavior not theoretical but practical (i.e. efficient) in those simple cases when they recognize some pattern. The clearest example is a pattern of a loop. Here is an example of incorrect code: size_t n = BigValue; for (unsigned i = 0; i < n; i++) { ... } Theoretically, if the value n > UINT_MAX is larger, an eternal loop must occur. But it does not occur in the Release version since a 64-bit register is used for the variable "i". Of course, if the code is a bit more complicated, the eternal loop will occur but at least in some cases the program will be lucky. I wrote about this in the article "A 64-bit horse that can count" [6]. I thought earlier that this unexpectedly lucky behavior of a program is determined only by the specifics of optimization of Release versions. But now I am not sure about this. Perhaps it is a conscious attempt to make an inefficient program work at least sometimes. Certainly I do not know whether the cause lies
in optimization or care of Big Brother, but it is a good occasion to philosophize, isnt it? :) Well, and the one who knows will hardly tell us. :) I am sure there are also other cases when the compiler stretches out its hand to cripple programs. If I encounter something interesting I will tell you. May your code never glitch! References 1. Alexey Pahunov's Russian blog. Backward compatibility is serious. http://www.viva64.com/go.php?url=390 2. Alexey Pahunov's Russian blog. AppCompat. http://www.viva64.com/go.php?url=391 3. Alexey Pahunov's Russian blog. Is Windows 3.x live? http://www.viva64.com/go.php?url=392 4. MSDN. CString Operations Relating to C-Style Strings. Topic: Using CString Objects with Variable Argument Functions . http://www.viva64.com/go.php?url=393 5. Discussion at eggheadcafe.com. Pass CString to printf? http://www.viva64.com/go.php?url=394 6. Andrey Karpov. A 64-bit horse that can count. http://www.viva64.com/art-1-2-377673569.html

Recommended

Stringing Things Along
Stringing Things AlongStringing Things Along
Stringing Things AlongKevlin Henney
 
The Next Best String
The Next Best StringThe Next Best String
The Next Best StringKevlin Henney
 
Primitive Data Types and Variables Lesson 02
Primitive Data Types and Variables Lesson 02Primitive Data Types and Variables Lesson 02
Primitive Data Types and Variables Lesson 02A-Tech and Software Development
 
C –FAQ:
C –FAQ:C –FAQ:
C –FAQ:KITE www.kitecolleges.com
 
Csharp4 basics
Csharp4 basicsCsharp4 basics
Csharp4 basicsAbed Bukhari
 
C faqs interview questions placement paper 2013
C faqs interview questions placement paper 2013C faqs interview questions placement paper 2013
C faqs interview questions placement paper 2013srikanthreddy004
 
C,c++ interview q&a
C,c++ interview q&aC,c++ interview q&a
C,c++ interview q&aKumaran K
 
Unit 1 question and answer
Unit 1 question and answerUnit 1 question and answer
Unit 1 question and answerVasuki Ramasamy
 

Recommended

Stringing Things Along
Stringing Things AlongStringing Things Along
Stringing Things AlongKevlin Henney
 
The Next Best String
The Next Best StringThe Next Best String
The Next Best StringKevlin Henney
 
Primitive Data Types and Variables Lesson 02
Primitive Data Types and Variables Lesson 02Primitive Data Types and Variables Lesson 02
Primitive Data Types and Variables Lesson 02A-Tech and Software Development
 
C –FAQ:
C –FAQ:C –FAQ:
C –FAQ:KITE www.kitecolleges.com
 
Csharp4 basics
Csharp4 basicsCsharp4 basics
Csharp4 basicsAbed Bukhari
 
C faqs interview questions placement paper 2013
C faqs interview questions placement paper 2013C faqs interview questions placement paper 2013
C faqs interview questions placement paper 2013srikanthreddy004
 
C,c++ interview q&a
C,c++ interview q&aC,c++ interview q&a
C,c++ interview q&aKumaran K
 
Unit 1 question and answer
Unit 1 question and answerUnit 1 question and answer
Unit 1 question and answerVasuki Ramasamy
 
A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsAndrey Karpov
 
C interview-questions-techpreparation
C interview-questions-techpreparationC interview-questions-techpreparation
C interview-questions-techpreparationKushaal Singla
 
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...Kamiya Toshihiro
 
Common mistakes in C programming
Common mistakes in C programmingCommon mistakes in C programming
Common mistakes in C programmingLarion
 
Presentation 2nd
Presentation 2ndPresentation 2nd
Presentation 2ndConnex
 
Types For Frontend Developers
Types For Frontend DevelopersTypes For Frontend Developers
Types For Frontend DevelopersJesse Williamson
 
Python Programming Homework Help
Python Programming Homework HelpPython Programming Homework Help
Python Programming Homework HelpPython Homework Help
 
Highly Strung
Highly StrungHighly Strung
Highly StrungKevlin Henney
 
Let's us c language (sabeel Bugti)
Let's us c language (sabeel Bugti)Let's us c language (sabeel Bugti)
Let's us c language (sabeel Bugti)Unviersity of balochistan quetta
 
Data type
Data typeData type
Data typeIsha Aggarwal
 
Data Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# ProgrammingData Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# ProgrammingSherwin Banaag Sapin
 
Impact of indentation in programming
Impact of indentation in programmingImpact of indentation in programming
Impact of indentation in programmingijpla
 
An unusual bug in Lucene.Net
An unusual bug in Lucene.NetAn unusual bug in Lucene.Net
An unusual bug in Lucene.NetPVS-Studio
 
M C6java7
M C6java7M C6java7
M C6java7mbruggen
 
Introduction to TypeScript
Introduction to TypeScriptIntroduction to TypeScript
Introduction to TypeScriptKeithMurgic
 
Python programming language
Python programming languagePython programming language
Python programming languageEbrahim Shakhatreh
 
M C6java2
M C6java2M C6java2
M C6java2mbruggen
 
Optimization in the world of 64-bit errors
Optimization in the world of 64-bit errorsOptimization in the world of 64-bit errors
Optimization in the world of 64-bit errorsPVS-Studio
 
Using Static Analysis in Program Development
Using Static Analysis in Program DevelopmentUsing Static Analysis in Program Development
Using Static Analysis in Program DevelopmentPVS-Studio
 
A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsPVS-Studio
 
Software code metrics
Software code metricsSoftware code metrics
Software code metricsPVS-Studio
 
The reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memoryThe reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memoryPVS-Studio
 

More Related Content

What's hot

A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsAndrey Karpov
 
C interview-questions-techpreparation
C interview-questions-techpreparationC interview-questions-techpreparation
C interview-questions-techpreparationKushaal Singla
 
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...Kamiya Toshihiro
 
Common mistakes in C programming
Common mistakes in C programmingCommon mistakes in C programming
Common mistakes in C programmingLarion
 
Presentation 2nd
Presentation 2ndPresentation 2nd
Presentation 2ndConnex
 
Types For Frontend Developers
Types For Frontend DevelopersTypes For Frontend Developers
Types For Frontend DevelopersJesse Williamson
 
Data Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# ProgrammingData Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# ProgrammingSherwin Banaag Sapin
 
Impact of indentation in programming
Impact of indentation in programmingImpact of indentation in programming
Impact of indentation in programmingijpla
 
An unusual bug in Lucene.Net
An unusual bug in Lucene.NetAn unusual bug in Lucene.Net
An unusual bug in Lucene.NetPVS-Studio
 
Introduction to TypeScript
Introduction to TypeScriptIntroduction to TypeScript
Introduction to TypeScriptKeithMurgic
 

What's hot (17)

A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real Programs
 
C interview-questions-techpreparation
C interview-questions-techpreparationC interview-questions-techpreparation
C interview-questions-techpreparation
 
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
An Execution-Semantic and Content-and-Context-Based Code-Clone Detection and ...
 
Common mistakes in C programming
Common mistakes in C programmingCommon mistakes in C programming
Common mistakes in C programming
 
Presentation 2nd
Presentation 2ndPresentation 2nd
Presentation 2nd
 
Types For Frontend Developers
Types For Frontend DevelopersTypes For Frontend Developers
Types For Frontend Developers
 
Python Programming Homework Help
Python Programming Homework HelpPython Programming Homework Help
Python Programming Homework Help
 
Highly Strung
Highly StrungHighly Strung
Highly Strung
 
Let's us c language (sabeel Bugti)
Let's us c language (sabeel Bugti)Let's us c language (sabeel Bugti)
Let's us c language (sabeel Bugti)
 
Data type
Data typeData type
Data type
 
Data Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# ProgrammingData Types, Variables, and Constants in C# Programming
Data Types, Variables, and Constants in C# Programming
 
Impact of indentation in programming
Impact of indentation in programmingImpact of indentation in programming
Impact of indentation in programming
 
An unusual bug in Lucene.Net
An unusual bug in Lucene.NetAn unusual bug in Lucene.Net
An unusual bug in Lucene.Net
 
M C6java7
M C6java7M C6java7
M C6java7
 
Introduction to TypeScript
Introduction to TypeScriptIntroduction to TypeScript
Introduction to TypeScript
 
Python programming language
Python programming languagePython programming language
Python programming language
 
M C6java2
M C6java2M C6java2
M C6java2
 

Viewers also liked

Optimization in the world of 64-bit errors
Optimization in the world of 64-bit errorsOptimization in the world of 64-bit errors
Optimization in the world of 64-bit errorsPVS-Studio
 
Using Static Analysis in Program Development
Using Static Analysis in Program DevelopmentUsing Static Analysis in Program Development
Using Static Analysis in Program DevelopmentPVS-Studio
 
A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsPVS-Studio
 
Software code metrics
Software code metricsSoftware code metrics
Software code metricsPVS-Studio
 
The reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memoryThe reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memoryPVS-Studio
 
The forgotten problems of 64-bit programs development
The forgotten problems of 64-bit programs developmentThe forgotten problems of 64-bit programs development
The forgotten problems of 64-bit programs developmentPVS-Studio
 
How we test the code analyzer
How we test the code analyzerHow we test the code analyzer
How we test the code analyzerPVS-Studio
 
Lesson 1. What 64-bit systems are
Lesson 1. What 64-bit systems areLesson 1. What 64-bit systems are
Lesson 1. What 64-bit systems arePVS-Studio
 
Static analysis of C++ source code
Static analysis of C++ source codeStatic analysis of C++ source code
Static analysis of C++ source codePVS-Studio
 
Safety of 64-bit code
Safety of 64-bit codeSafety of 64-bit code
Safety of 64-bit codePVS-Studio
 
Of complicacy of programming, or won't C# save us?
Of complicacy of programming, or won't C# save us?Of complicacy of programming, or won't C# save us?
Of complicacy of programming, or won't C# save us?PVS-Studio
 
Development of resource-intensive applications in Visual C++
Development of resource-intensive applications in Visual C++Development of resource-intensive applications in Visual C++
Development of resource-intensive applications in Visual C++PVS-Studio
 
Explanations to the article on Copy-Paste
Explanations to the article on Copy-PasteExplanations to the article on Copy-Paste
Explanations to the article on Copy-PastePVS-Studio
 
Lesson 14. Pattern 6. Changing an array's type
Lesson 14. Pattern 6. Changing an array's typeLesson 14. Pattern 6. Changing an array's type
Lesson 14. Pattern 6. Changing an array's typePVS-Studio
 
Optimization of 64-bit programs
Optimization of 64-bit programsOptimization of 64-bit programs
Optimization of 64-bit programsPVS-Studio
 
Lesson 10. Pattern 2. Functions with variable number of arguments
Lesson 10. Pattern 2. Functions with variable number of argumentsLesson 10. Pattern 2. Functions with variable number of arguments
Lesson 10. Pattern 2. Functions with variable number of argumentsPVS-Studio
 
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...PVS-Studio
 
Static code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xStatic code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xPVS-Studio
 
Introduction into 64 bits for the beginners or where's again the 64-bit world?
Introduction into 64 bits for the beginners or where's again the 64-bit world?Introduction into 64 bits for the beginners or where's again the 64-bit world?
Introduction into 64 bits for the beginners or where's again the 64-bit world?PVS-Studio
 
Lesson 9. Pattern 1. Magic numbers
Lesson 9. Pattern 1. Magic numbersLesson 9. Pattern 1. Magic numbers
Lesson 9. Pattern 1. Magic numbersPVS-Studio
 

Viewers also liked (20)

Optimization in the world of 64-bit errors
Optimization in the world of 64-bit errorsOptimization in the world of 64-bit errors
Optimization in the world of 64-bit errors
 
Using Static Analysis in Program Development
Using Static Analysis in Program DevelopmentUsing Static Analysis in Program Development
Using Static Analysis in Program Development
 
A Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real ProgramsA Collection of Examples of 64-bit Errors in Real Programs
A Collection of Examples of 64-bit Errors in Real Programs
 
Software code metrics
Software code metricsSoftware code metrics
Software code metrics
 
The reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memoryThe reasons why 64-bit programs require more stack memory
The reasons why 64-bit programs require more stack memory
 
The forgotten problems of 64-bit programs development
The forgotten problems of 64-bit programs developmentThe forgotten problems of 64-bit programs development
The forgotten problems of 64-bit programs development
 
How we test the code analyzer
How we test the code analyzerHow we test the code analyzer
How we test the code analyzer
 
Lesson 1. What 64-bit systems are
Lesson 1. What 64-bit systems areLesson 1. What 64-bit systems are
Lesson 1. What 64-bit systems are
 
Static analysis of C++ source code
Static analysis of C++ source codeStatic analysis of C++ source code
Static analysis of C++ source code
 
Safety of 64-bit code
Safety of 64-bit codeSafety of 64-bit code
Safety of 64-bit code
 
Of complicacy of programming, or won't C# save us?
Of complicacy of programming, or won't C# save us?Of complicacy of programming, or won't C# save us?
Of complicacy of programming, or won't C# save us?
 
Development of resource-intensive applications in Visual C++
Development of resource-intensive applications in Visual C++Development of resource-intensive applications in Visual C++
Development of resource-intensive applications in Visual C++
 
Explanations to the article on Copy-Paste
Explanations to the article on Copy-PasteExplanations to the article on Copy-Paste
Explanations to the article on Copy-Paste
 
Lesson 14. Pattern 6. Changing an array's type
Lesson 14. Pattern 6. Changing an array's typeLesson 14. Pattern 6. Changing an array's type
Lesson 14. Pattern 6. Changing an array's type
 
Optimization of 64-bit programs
Optimization of 64-bit programsOptimization of 64-bit programs
Optimization of 64-bit programs
 
Lesson 10. Pattern 2. Functions with variable number of arguments
Lesson 10. Pattern 2. Functions with variable number of argumentsLesson 10. Pattern 2. Functions with variable number of arguments
Lesson 10. Pattern 2. Functions with variable number of arguments
 
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...
Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defe...
 
Static code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xStatic code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0x
 
Introduction into 64 bits for the beginners or where's again the 64-bit world?
Introduction into 64 bits for the beginners or where's again the 64-bit world?Introduction into 64 bits for the beginners or where's again the 64-bit world?
Introduction into 64 bits for the beginners or where's again the 64-bit world?
 
Lesson 9. Pattern 1. Magic numbers
Lesson 9. Pattern 1. Magic numbersLesson 9. Pattern 1. Magic numbers
Lesson 9. Pattern 1. Magic numbers
 

Similar to Big Brother helps you understand CString issues

Headache from using mathematical software
Headache from using mathematical softwareHeadache from using mathematical software
Headache from using mathematical softwarePVS-Studio
 
Analysis of Godot Engine's Source Code
Analysis of Godot Engine's Source CodeAnalysis of Godot Engine's Source Code
Analysis of Godot Engine's Source CodePVS-Studio
 
Static code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xStatic code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xAndrey Karpov
 
PVS-Studio vs Chromium
PVS-Studio vs ChromiumPVS-Studio vs Chromium
PVS-Studio vs ChromiumPVS-Studio
 
PVS-Studio vs Chromium
PVS-Studio vs ChromiumPVS-Studio vs Chromium
PVS-Studio vs ChromiumAndrey Karpov
 
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ..."Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...PVS-Studio
 
How to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeHow to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeMicrosoft Tech Community
 
How to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeHow to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeMicrosoft Tech Community
 
Analysis of the Trans-Proteomic Pipeline (TPP) project
Analysis of the Trans-Proteomic Pipeline (TPP) projectAnalysis of the Trans-Proteomic Pipeline (TPP) project
Analysis of the Trans-Proteomic Pipeline (TPP) projectPVS-Studio
 
How to avoid bugs using modern C++
How to avoid bugs using modern C++How to avoid bugs using modern C++
How to avoid bugs using modern C++PVS-Studio
 
The First C# Project Analyzed
The First C# Project AnalyzedThe First C# Project Analyzed
The First C# Project AnalyzedPVS-Studio
 
C programming(part 3)
C programming(part 3)C programming(part 3)
C programming(part 3)SURBHI SAROHA
 
Wade not in unknown waters. Part two.
Wade not in unknown waters. Part two.Wade not in unknown waters. Part two.
Wade not in unknown waters. Part two.PVS-Studio
 
Checking the Open-Source Multi Theft Auto Game
Checking the Open-Source Multi Theft Auto GameChecking the Open-Source Multi Theft Auto Game
Checking the Open-Source Multi Theft Auto GameAndrey Karpov
 
Programming in C - interview questions.pdf
Programming in C - interview questions.pdfProgramming in C - interview questions.pdf
Programming in C - interview questions.pdfSergiuMatei7
 
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...Andrey Karpov
 
An Experiment with Checking the glibc Library
An Experiment with Checking the glibc LibraryAn Experiment with Checking the glibc Library
An Experiment with Checking the glibc LibraryAndrey Karpov
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerAndrey Karpov
 

Similar to Big Brother helps you understand CString issues (20)

Headache from using mathematical software
Headache from using mathematical softwareHeadache from using mathematical software
Headache from using mathematical software
 
Analysis of Godot Engine's Source Code
Analysis of Godot Engine's Source CodeAnalysis of Godot Engine's Source Code
Analysis of Godot Engine's Source Code
 
Static code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0xStatic code analysis and the new language standard C++0x
Static code analysis and the new language standard C++0x
 
Synapseindia dot net development
Synapseindia dot net developmentSynapseindia dot net development
Synapseindia dot net development
 
PVS-Studio vs Chromium
PVS-Studio vs ChromiumPVS-Studio vs Chromium
PVS-Studio vs Chromium
 
PVS-Studio vs Chromium
PVS-Studio vs ChromiumPVS-Studio vs Chromium
PVS-Studio vs Chromium
 
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ..."Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...
 
How to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeHow to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ Code
 
How to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ CodeHow to Adopt Modern C++17 into Your C++ Code
How to Adopt Modern C++17 into Your C++ Code
 
Analysis of the Trans-Proteomic Pipeline (TPP) project
Analysis of the Trans-Proteomic Pipeline (TPP) projectAnalysis of the Trans-Proteomic Pipeline (TPP) project
Analysis of the Trans-Proteomic Pipeline (TPP) project
 
How to avoid bugs using modern C++
How to avoid bugs using modern C++How to avoid bugs using modern C++
How to avoid bugs using modern C++
 
LEARN C#
LEARN C#LEARN C#
LEARN C#
 
The First C# Project Analyzed
The First C# Project AnalyzedThe First C# Project Analyzed
The First C# Project Analyzed
 
C programming(part 3)
C programming(part 3)C programming(part 3)
C programming(part 3)
 
Wade not in unknown waters. Part two.
Wade not in unknown waters. Part two.Wade not in unknown waters. Part two.
Wade not in unknown waters. Part two.
 
Checking the Open-Source Multi Theft Auto Game
Checking the Open-Source Multi Theft Auto GameChecking the Open-Source Multi Theft Auto Game
Checking the Open-Source Multi Theft Auto Game
 
Programming in C - interview questions.pdf
Programming in C - interview questions.pdfProgramming in C - interview questions.pdf
Programming in C - interview questions.pdf
 
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...
A Bonus to the "Three Interviews About Static Analyzers" Article, or Intervie...
 
An Experiment with Checking the glibc Library
An Experiment with Checking the glibc LibraryAn Experiment with Checking the glibc Library
An Experiment with Checking the glibc Library
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzer
 

Recently uploaded

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 

Recently uploaded (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 

Big Brother helps you understand CString issues

  • 1. Big Brother helps you Author: Andrey Karpov Date: 13.07.2010 I was convinced one more time that programmers write programs absolutely carelessly, so that their programs work not because of their skill but due to chance and care of Microsoft or Intel compiler developers. Right it is they who really care and put crutches under our lop-sided programs when necessary. Further is a byte-rending story of the CString class and daughter of its, the Format function, for you to read. Pray, pray for compilers and their developers! They are spending so much effort to make our programs work despite many drawbacks and even errors. At the same time, their work is hard and invisible. They are noble knights of coding and guardian angels of us all. I knew that Microsoft has a department responsible for providing maximum compatibility of new versions of operating systems with old applications. Their base contains more than 10000 most popular obsolete programs that must work in new versions of Windows. It is these efforts thanks to which I managed recently to play Heroes of Might and Magic II (a game of 1996) under 64-bit Windows Vista without problems. I think the game can be successfully launched under Windows 7 as well. Here are interesting notes by Alexey Pahunov on the topic (RU) of compatibility [1, 2, 3]. However, it seems that there are also other departments whose business is to help our horrible C/C++ code work and work on. But let me start this story from the very beginning. I am involved in development of the PVS-Studio tool intended for analysis of application source code. Quiet, friends this is not an ad. This time it is really a work of mercy since we have started to create a free of charge general-purpose static analyzer. It is far from an alpha-version but the work is going on and I will write a post about this analyzer some day. I started speaking about it because we have begun to collect the most interesting type errors and learn to diagnose them. Many errors are related to using ellipses in programs. Here is a theoretical reference: There are functions in definition of which it is impossible to specify the number and types of all the acceptable parameters. In this case the list of the formal parameters ends with an ellipsis (...) that means: and perhaps some more arguments". For instance: int printf(const char* ...); One of such unpleasant yet easily diagnosed errors is passing of an object of the class type instead of a pointer to a string into a function with a variable number of arguments. Here is an example of this error: wchar_t buf[100]; std::wstring ws(L"12345"); swprintf(buf, L"%s", ws);
  • 2. This code will cause generation of total rubbish in the buffer or a program crash. Certainly in a real program, the code will be more complicated, so please do not write comments on my post telling me that the GCC compiler will check the arguments and warn you unlike Visual C++. Strings might be passed from resources or other functions and you will fail to check anything. But diagnosis is simple in this case a class object is passed into a function of string formation and it causes an error. The correct version of this code looks as follows: wchar_t buf[100]; std::wstring ws(L"12345"); swprintf(buf, L"%s", ws.c_str()); It is this reason that you might pass any thing into functions with a variable number of arguments why almost every book on C++ programming does not recommend to use them. Instead of these, they suggest to use safe mechanisms, for instance, boost::format. However, let these recommendations be, but there is very much code with various printfs, sprintfs, CString::Formats in the world and we will have to live with it for a long time. That is why we implemented a diagnostic rule to detect such dangerous constructs. Lets carry out theoretical investigations and see what is incorrect about the code above. Well, it is incorrect twice. 1. The argument does not correspond to the defined format. Since we define "%s", we must pass a pointer to the string into the function either. But in theory we may write our own sprintf function that will know that an object of the std::wstring class was passed to it and correctly print it. However, it is also impossible because of the second reason. 2. Only a POD-type can be an argument for the ellipsis "..." while std::string is not a POD-type. Theoretical reference on POD types: POD is abbreviation of "Plain Old Data". The following types refer to POD-types: 1. all predefined arithmetic types (including wchar_t and bool); 2. types defined with the enum key word; 3. pointers; 4. POD-structures (struct or class) and POD-unions which meet the following requirements: a. do not contain user constructors, destructors or copying assignment operator; b. do not have base classes; c. do not contain virtual functions; d. do not contain protected or private non-static data members; e. do not contain non-static data members of non-POD-types (or arrays of such types) and also references. Correspondingly, the std::wstring class does not refer to POD-types since it has constructors, base class and so on.
  • 3. If you pass an object which is not a POD-type to an ellipsis, it causes an unexpected behavior. Thus, at least theoretically, we cannot in any way correctly pass an object of the std::wstring type as an ellipsis argument. The same thing must be with the Format function from the CString class. This is an incorrect version of the code: CString s; CString arg(L"OK"); s.Format(L"Test CString: %sn", arg); This is the correct version of the code: s.Format(L"Test CString: %sn", arg.GetString()); Or, as it is suggested in MSDN [4], we may use an explicit cast operator LPCTSTR implemented in the CString class to get a pointer to the string. Here is an example of correct code from MSDN: CString kindOfFruit = "bananas"; int howmany = 25; printf("You have %d %sn", howmany, (LPCTSTR)kindOfFruit); So, everything seems clear and transparent. It is also clear how to make a rule. We will detect misprints made when using functions with a variable number of arguments. We did this. And I was shocked by the result. It turned out that most developers never think of these issues and write code like the following one with a quiet conscience: class CRuleDesc { CString GetProtocol(); CString GetSrcIp(); CString GetDestIp(); CString GetSrcPort(); CString GetIpDesc(CString strIp); ... CString CRuleDesc::GetRuleDesc() { CString strDesc; strDesc.Format(
  • 4. _T("%s all network traffic from <br>%s " "on %s<br>to %s on %s <br>for the %s"), GetAction(), GetSrcIp(), GetSrcPort(), GetDestIp(), GetDestPort(), GetProtocol()); return strDesc; } //--------------- CString strText; CString _strProcName(L""); ... strText.Format(_T("%s"), _strProcName); //--------------- CString m_strDriverDosName; CString m_strDriverName; ... m_strDriverDosName.Format( _T(".%s"), m_strDriverName); //--------------- CString __stdcall GetResString(UINT dwStringID); ... _stprintf(acBuf, _T("%s"), GetResString(IDS_SV_SERVERINFO)); //---------------
  • 5. // I think you understand // that we may give you such examples endlessly. Some developers do think but then forget. That is why the code like this looks so touching: CString sAddr; CString m_sName; CString sTo = GetNick( hContact ); sAddr.Format(_T("%smailslot%s"), sTo, (LPCTSTR)m_sName); We collected so many such examples in projects we test our PVS-Studio on that I cannot understand how it all can be. And still everything works I was convinced in it after writing a test program and trying various ways of using CString. What is the reason? It seems to me that compiler developers could not stand anymore endless questions why Indian programs using CString do not work and accusations of the compiler being bad and unable to work with strings. So they secretly held a sacred rite of exorcism by driving out evil from CString. They made an impossible thing possible they implemented the CString class in such a crafty way that you may pass it to functions like printf and Format. It was done quite intricately and those who want to know how read the source code of the CStringT class and also the detailed discussion "Pass CString to printf?" [5]. I will not go into details and will stress only one important thing. Special implementation of CString is not enough since passing of a non- POD-type theoretically causes an unexpected behavior. So, the Visual C++ developers together with Intel C++ developers made it so that the unexpected behavior is always a correct result :) For correct program operation can well be a subset of an unexpected behavior. :) I also start thinking about some strange things in the compilers behavior when it builds 64-bit programs. I suspect that the compilers developers deliberately make the programs behavior not theoretical but practical (i.e. efficient) in those simple cases when they recognize some pattern. The clearest example is a pattern of a loop. Here is an example of incorrect code: size_t n = BigValue; for (unsigned i = 0; i < n; i++) { ... } Theoretically, if the value n > UINT_MAX is larger, an eternal loop must occur. But it does not occur in the Release version since a 64-bit register is used for the variable "i". Of course, if the code is a bit more complicated, the eternal loop will occur but at least in some cases the program will be lucky. I wrote about this in the article "A 64-bit horse that can count" [6]. I thought earlier that this unexpectedly lucky behavior of a program is determined only by the specifics of optimization of Release versions. But now I am not sure about this. Perhaps it is a conscious attempt to make an inefficient program work at least sometimes. Certainly I do not know whether the cause lies
  • 6. in optimization or care of Big Brother, but it is a good occasion to philosophize, isnt it? :) Well, and the one who knows will hardly tell us. :) I am sure there are also other cases when the compiler stretches out its hand to cripple programs. If I encounter something interesting I will tell you. May your code never glitch! References 1. Alexey Pahunov's Russian blog. Backward compatibility is serious. http://www.viva64.com/go.php?url=390 2. Alexey Pahunov's Russian blog. AppCompat. http://www.viva64.com/go.php?url=391 3. Alexey Pahunov's Russian blog. Is Windows 3.x live? http://www.viva64.com/go.php?url=392 4. MSDN. CString Operations Relating to C-Style Strings. Topic: Using CString Objects with Variable Argument Functions . http://www.viva64.com/go.php?url=393 5. Discussion at eggheadcafe.com. Pass CString to printf? http://www.viva64.com/go.php?url=394 6. Andrey Karpov. A 64-bit horse that can count. http://www.viva64.com/art-1-2-377673569.html