HPE Community
Operating System - HP-UX
1834925 Members
2573 Online
110071 Solutions
New Discussion

Bounds checking for aCC

 
SOLVED
Go to solution
T G Manikandan
Honored Contributor

‎05-08-2003 03:57 AM

‎05-08-2003 03:57 AM

Bounds checking for aCC

There are bounds checking patches in gcc.
Please check the README file attached for that.

Is there a patch for the same reason in aCC?

Thanks
0 Kudos
Reply
4 REPLIES 4
A. Clay Stephenson
Acclaimed Contributor

‎05-08-2003 07:45 AM

‎05-08-2003 07:45 AM

Solution

Re: Bounds checking for aCC

There is no #pragma or compiler directive for this and I'm all but certain that there is no patch. I suppose that I'm "old school" but I firmly believe that run-time automatic array index checking is for wimps. A disciplined programmer should never allow that to happen.
If it ain't broke, I can fix that.
Reply
T G Manikandan
Honored Contributor

‎05-08-2003 08:10 PM

‎05-08-2003 08:10 PM

Re: Bounds checking for aCC

Thanks Clay.

0 Kudos
Reply
Wodisch
Honored Contributor

‎05-08-2003 10:27 PM

‎05-08-2003 10:27 PM

Re: Bounds checking for aCC

Hi,

AFAIK you'll have to go to the OpenBSD site to get more information about that.

@Clay: no, I seriously doubt that bounds checking is for "whimps", as most programmers on the planet seem to be in urgent need of something doing that for them (M$ comes to mind).
Not everybody did a lot of coding with the Pascal/Modula/Ada family of languages (doing Ada back in 1983 was kinda fun)...

Or how would you explain all those recent buffer overflow vulnerabilities? IMHO it can be credited to C/C++ programmers, who never learned it *right* - and to the whole theory of "partially correctness".
If all you are taught about on the universities is about "correct output to correct input" you will totally miss the point of thinking about "bad input", i.e. attacks!

*SCNR*

FWIW,
Wodisch
Reply
Gregg Pulley
New Member

‎05-09-2003 08:18 AM

‎05-09-2003 08:18 AM

Re: Bounds checking for aCC

@Clay:

I too take issue with your statement regarding automatic bounds checks.

Consider this. Assume you are disciplined; you consider all the ways in which the array can get loaded and handle every case in your code.

Now, how is your result different from what the compiler would have produced? More efficient? Perhaps, but not likely.

Besides, your performance for 99% of most apps will be unaffected. Better to use a profiler to find and fix bottlenecks during integration .

Naturally, there are exceptions to this, such as library code (like the STL). The idea is to be productive, and worrying about optimizations at this level usually provides little return on your effort.

Hope this is helpful.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.