"Strong typing vs. strong testing"
Malcolm McLean
malcolm.mclean5 at btinternet.com
Tue Sep 28 05:13:19 EDT 2010
On Sep 27, 7:46 pm, namekuseijin <namekusei... at gmail.com> wrote:
> On 27 set, 05:46, TheFlyingDutchman <zzbba... at aol.com> wrote:
>
> Fact is: almost all user data from the external words comes into
> programs as strings. No typesystem or compiler handles this fact all
> that graceful...- Hide quoted text -
>
You're right. C should have a much better library than it does for
parsing user-supplied string input.
The scanf() family of functions is fine for everyday use, but not
robust enough for potentially hostile inputs. atoi() had to be
replaced by strtol(), but there's a need for a higher-leve function
built on strtol().
I wrote a generic commandline parser once, however it's almost
impossible to achieve something that is both useable and 100%
bulletproof.
More information about the Python-list
mailing list