← Back to context

Comment by uecker

25 days ago

Arrays are not pointers and if you do not let them decay to one, they do preserve the length information.

7 comments

uecker

Reply

pjmlp 24 days ago

They surely behave like one as soon as they leave local scope.

Kind of hard when passing them around as funcion parameters, and the static trick doesn't really work in a portable way.

Lets seen how far WG14 gets with cybersecurity laws with this kind of answers being analysed by SecDevOps and Infosec experts.

dfawcus 24 days ago
Then don't allow it to decay:
void arr_fn(char (*arr)[15]) { enum { len = sizeof *arr }; printf("len of array: %d\n", len); printf("Got: %.*s\n", len, *arr); } void sptr_fn(char ptr[static 15]) { printf("Got: %s\n", ptr); } int main(void) { char array[15] = "Hello, World!"; arr_fn(&array); sptr_fn(array); return 0; }
Using gcc (and similarly clang) removing the '15' from 'array', and allowing it to allocate it as 14 chars will result in warnings for both function calls.
One can hide that ptr to array behind a typedef to make it more readable:
typedef char (Arr_15)[15]; void arr_fn2(Arr_15 *arr) {
What do you mean by 'the static trick'? Is that what I have in sptr_fn()?
- pjmlp 24 days ago
  
  That is the static trick.
  The issues as it stands today are:
  - It is still a warning instead of an error, and we all know how many projects have endless lists of warnings
  - Only GCC and clang issue such warning, if we want to improve C, security must be imposed to all implementations
  https://c.godbolt.org/z/fEKzT4WfM
  
  2 replies →

ordu 24 days ago

    int arr[4];
    foo(arr);

We can look at this code like it passes an array by reference, but how to pass `arr` by value?

uecker 24 days ago

You can pass it by value when putting it into a struct. You can also pass a pointer to the array instead of letting it decay.
void foo(int (*arr)[4]);
int arr[4]; foo(&arr);