在C中安全地打印struct的所有属性

时间:2014-03-14 20:19:28

标签: c security struct

我正在编写一个toString方法,它打印输出指向结构的指针的所有属性。在阅读处理字符串的安全方法时,我最终创建了以下解决方案: 注意Person结构具有属性名称,重量,高度和年龄(除了名称之外的所有整数,这是一个char数组)。

char* toString(struct Person* inputPerson)
{
    // Allocate memory to return string
    char* ret = malloc(sizeof (char) * 100);
    // copy "Name: " into string
    strcpy(ret, "Name: ");
    // safely copy name, at most leaving enough room for the other params (leaving 50 bytes) 
    strncat(ret, inputPerson->name, 100-50);
    // copy "Age: " into string
    strcat(ret, "\n\tAge: ");
    // create tmp char to allow us to convert ints age, weight, and height into strings
    char tmp[4];
    // safely convert string to int (max number of digits being 3)
    snprintf(tmp, sizeof(tmp), "%d", inputPerson->age);
    // safely copy at most 3 characters, plus a null terminating char
    strcat(ret, tmp); // the previous snprintf makes sure that tmp is not too large.
    // repeat previous 2 steps for both weight and height attributes
    strcat(ret, "\n\tWeight: ");
    snprintf(tmp, sizeof(tmp),  "%d", inputPerson->weight);
    strcat(ret, tmp);
    strcat(ret, "\n\tHeight: ");
    snprintf(tmp, sizeof(tmp), "%d", inputPerson->height);
    strcat(ret, tmp);

    // Return a pointer to the string
    return ret;
}

我的问题是:这有点矫枉过正吗?我想要做的就是安全可靠地打印每个属性。对于每个字符串,我必须确保它在追加之前是最大大小。对于每个整数,我必须将其打印成一个字符串(确保允许的最大长度),然后将该字符串附加到我的返回字符串。有更简单的方法吗?每当我查看“100-50”代码部分时,我的heebie jeebies也在增长:如何指定“分配给ret的大小”而不是100?

1 个答案:

答案 0 :(得分:6)

既然你是malloc返回缓冲区,为什么不通过分配正确大小的缓冲区来让自己的生活更轻松?正如Joachim建议的那样,你甚至可以用snprintf

来做到这一点 
char* toString(struct Person* inputPerson)
{
    size_t space_required =
        snprintf(0, 0,
                 "Name: %s\n"
                 "\tAge: %d\n"
                 "\tWeight: %d\n"
                 "\tHeight: %d\n",
                 inputPerson->name,
                 inputPerson->age,
                 inputPerson->weight,
                 inputPerson->height);

    // space_required excludes the terminating NUL
    // sizeof(char) == 1 *by definition*
    char *ret = malloc(space_required+1);
    if (!ret)
        return 0;

    snprintf(ret, space_required+1,
             "Name: %s\n"
             "\tAge: %d\n"
             "\tWeight: %d\n"
             "\tHeight: %d\n",
             inputPerson->name,
             inputPerson->age,
             inputPerson->weight,
             inputPerson->height);
    return ret;
}

这可能看起来很糟糕。如果你的C库有asprintf,你可以避免重复:

char* toString(struct Person* inputPerson)
{
    char *ret;
    if (asprintf(&ret,
                 "Name: %s\n"
                 "\tAge: %d\n"
                 "\tWeight: %d\n"
                 "\tHeight: %d\n",
                 inputPerson->name,
                 inputPerson->age,
                 inputPerson->weight,
                 inputPerson->height) == -1)
        return 0;
    return ret;
}

如果您拥有asprintf,则可以使用mallocvsnprintf来实现它。我会把它留作练习; - )

相关问题
最新问题