:: Re: [DNG] Making sense of C pointer…
Top Page
Delete this message
Reply to this message
Author: Edward Bartolo
Date:  
To: Steve Litt
CC: dng
Subject: Re: [DNG] Making sense of C pointer syntax.
Hi, thanks for your help.

So: [ I am recalling this from memory to test where I am ]
a) type* pp; // declare a pointer pp
b) *pp = RHS; // assign RHS to the data pointed to by pp
c) type **ss; // declare a pointer to pointer. System only allocates
space for one address
d) *ss = RHS; // assign RHS to the pointer pointed to by ss.
e) const char* and char* are not the same ie treated differently by the compiler
f) strings are character arrays, so they obey the rules governing arrays
g) strings are terminated by a null character which is a byte with eight zeros
h) extra care must be taken when copying strings not to write beyond
the end of allocated memory. This can result in buffer overflows that
may cause execution of arbitrary code
i) some built in string function provided by C, especially vintage
string functions, suffer from the buffer overrun bug. Guard against
that by making sure there is enough memory allocated.
j) When calling backend CLI programs make sure, the input to the
calling function cannot be maliciously modified to allow execution of
arbitrary commands. Functions like execl can be abused so extra care
to block abuse must be taken.

Edward

On 30/03/2016, Steve Litt <slitt@???> wrote:
> On Wed, 30 Mar 2016 08:23:16 -0300
> Emiliano Marini <emilianomarini82@???> wrote:
>
>> Edward, the only time the compiler allocates memory for data
>> automatically is when using strings literals (as stated by Rainer
>> previously)
>>
>> char *p = "Hola mundo."
>
> Also when you have a struct as a local variable:
>
> struct my_cool_struct mystruct;
>
> Like the char pointer, it comes off the stack, not the heap it would
> come off if you used malloc().
>
> Actually, any local variable allocates memory off the stack. Consider:
>
> int number_of_people;
>
> The preceding allocates sizeof(int) bytes, for number_of_people, off
> the stack.
>
> SteveT
>
> Steve Litt
> March 2016 featured book: Quit Joblessness: Start Your Own Business
> http://www.troubleshooters.com/startbiz
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>