为什么要使用Asprintf? [英] Why Use Asprintf?
问题描述
我有一个很难理解为什么需要asprintf。
在这里,在手册中它说:
I'm having a hard time understanding why you would need asprintf. Here in the manual it says
的功能asprintf()和vasprintf()是sprintf的类似物(3)和
vsprintf中(3),不同之处在于它们分配一个字符串大到足以容纳
输出包括终止空字节,并返回一个指针
它通过第一个参数。该指针应该传递给
免费(3)释放分配的存储时不再需要它。
The functions asprintf() and vasprintf() are analogs of sprintf(3) and vsprintf(3), except that they allocate a string large enough to hold the output including the terminating null byte, and return a pointer to it via the first argument. This pointer should be passed to free(3) to release the allocated storage when it is no longer needed.
因此,这里是我想了解的例子:
So here is the example that I'm trying to understand:
asprintf(&buffer, "/bin/echo %s is cool", getenv("USER"));
有什么区别,如果缓冲区分配一个字符串足够大的VS说的char * =(字符串)
What's the difference if the buffer allocates a string large enough vs saying char* = (string)
推荐答案
如果您使用的sprintf()或vsprintf中(),您需要先分配一个缓冲区,你需要确保缓冲区足够大,以包含sprintf的写的东西。否则的sprintf将愉快地覆盖任何内存在于超出了缓冲区的末尾。
If you use sprintf() or vsprintf(), you need to allocate a buffer first, and you need to be sure that the buffer is large enough to contain what sprintf writes. Otherwise sprintf will happily overwrite whatever memory lies beyond the end of the buffer.
char* x = (char*) malloc(5 * sizeof(char));
sprintf(x,"%s%s%s", "12", "34", "56"); // writes "123456" +null but overruns the buffer
...写'6'和终止空超出分配给空间末尾 X ,要么破坏其他一些变量,或导致段故障。
... writes the '6' and the terminating null beyond the end of the space allocated to x, either corrupting some other variable, or causing a segmentation fault.
如果你是幸运的,它会践踏分配的内存块之间,并没有坏处 - 这一次。这导致间歇性的错误 - 最难的一种诊断。这是很好的使用类似工具的 ElectricFence 的导致溢出来快速失败的。
If you're lucky, it will trample on memory in-between allocated blocks, and will do no harm -- this time. This leads to intermittent bugs -- the hardest kind to diagnose. It's good to use a tool like ElectricFence that causes overruns to fail-fast.
谁提供了一个超长的输入的非恶意的用户,可能会导致程序以意想不到的方式行事。恶意用户可以利用此作为一种方式来获得自己的可执行code到系统中。
A non-malicious user who provides an overlong input, could cause the program to behave in unexpected ways. A malicious user could exploit this as a way to get their own executable code into the system.
这对一名看守是使用的snprintf(),它截断字符串您提供的最大长度。
One guard against this is to use snprintf(), which truncates the string to the maximum length you supply.
char *x = (char *) malloc(5 * sizeof(char));
int size = snprintf(x, 5, "%s%s%s", "12", "34", "56"); // writes "1234" + null
返回值尺寸是的长度将是的书面如果空间是可利用的 - 的不包括终止空。
The return value size is the length that would have been written if space was available -- not including the terminating null.
在此情况下,如果尺寸大于或等于5,那么你知道发生截断 - 如果你不想截断,可以分配一个新的串并尝试的snprintf()试。
In this case, if size is greater than or equal to 5 then you know that truncation occurred - and if you didn't want truncation, you could allocate a new string and try snprintf() again.
char *x = (char *) malloc(BUF_LEN * sizeof(char));
int size = snprintf(x, 5, "%s%s%s", "12", "34", "56");
if(size >= BUF_LEN) {
realloc(&x,(size + 1) * sizeof(char));
snprintf(x, 5, "%s%s%s", "12", "34", "56");
}
(这是一个pretty天真的算法,但它说明了这一点)
(that's a pretty naive algorithm, but it illustrates the point)
asprintf()做这一步为你 - 计算字符串的长度,分配的内存量,以及字符串写入到它
asprintf() does this in one step for you - calculates the length of the string, allocates that amount of memory, and writes the string into it.
char *x;
int size = asprintf(&x, "%s%s%s", "12", "34", "56");
在所有的情况下,一旦你与 X 完成,你需要释放它,或者你内存泄漏:
In all cases, once you've finished with x you need to release it, or you leak memory:
free(x);
asprintf()是一个隐含的的malloc(),所以你必须检查它的工作,就像你将与的malloc()或任何其他系统调用。
asprintf() is an implicit malloc(), so you have to check it worked, just as you would with malloc() or any other system call.
if(size == -1 ) {
/* deal with error in some way */
}
这篇关于为什么要使用Asprintf?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
