From a usable security standpoint, an API that /looks just like/ one where sizeof works, but where it's wrong, is utterly awful.
-
-
Replying to @RichFelker
Functions like swprintf probably should have taken a buffer size, not a [wchar_t/whatever] count.
1 reply 0 retweets 0 likes -
Replying to @RichFelker
That makes it harder to access the last-written location.
1 reply 0 retweets 0 likes -
Replying to @UINT_MIN
I don't follow. The return value would still be a wchar_t count.
1 reply 0 retweets 0 likes -
Replying to @RichFelker
Er, in that case it means I can't subtract it from the buffer size.
1 reply 0 retweets 0 likes -
Replying to @UINT_MIN @RichFelker
If I were to change something here, it would be sizeof, which does the "wrong" thing for pointers too.
1 reply 0 retweets 0 likes -
Replying to @UINT_MIN
You can differ all you like philosophically but it doesn't mitigate danger of interfaces that look like they take a size
1 reply 0 retweets 0 likes -
Replying to @RichFelker @UINT_MIN
How many people even know if swprintf takes a size or wchar_t count without looking it up?
1 reply 0 retweets 0 likes -
Replying to @RichFelker
I posit that if there's a choice, "count" is always the right answer. Other langs don't even have access to byte-size.
1 reply 0 retweets 1 like -
Replying to @UINT_MIN
Well you can't remove sizes from C without having a radically different language (no Representation of Types).
2 replies 0 retweets 0 likes
Which wouldn't necessarily be a bad thing, but it's outside the scope of bad interface designs within the context of C.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.