Safer C Library

From Open Watcom

Revision as of 02:01, 26 May 2012; view current revision
←Older revision | Newer revision→
Jump to: navigation, search

The "Safer C Library" is the first major enhancement of the standard C library in many, many years. Its primary goal is to provide a set of "safe" functions with bounds checking and parameter validation. A secondary objective is to provide re-entrant (and therefore, thread-safe) replacements for poorly designed standard C library functions that use static buffers.

Strictly speaking, the Safer C Library offers little new functionality. Almost everything the extension does can be already achieved through other means. However, the new functions offer a consistent set of interfaces redesigned for safer use. It is expected that many users will wish to modify existing code to use the new functions.

The Safer C Library functions significantly reduce (but don't completely eliminate) the incidence of undefined behaviour. An important new concept is that of runtime-constraints. These constraints place requirements on arguments passed to the new functions; for instance, passing a null pointer argument is in most cases considered a runtime-constraint violation. If such violation occurs, a constraint handler will be called. The library provides several pre-made handlers, and users can register their own handler.

Proper use of the extension should to a large extent eliminate the danger of buffer overflows related to library calls. It should also lead to cleaner and more maintainable user code, because many checks that programmers (not the sloppy ones, obviously!) had to previously perform themselves are now encapsulated in library code.

The extension was delivered in Open Watcom version 1.5.

TR 24731 Tests

While implementing Safer C support, we have developed a non-exhaustive but fairly extensive set of tests for the new functions. We have made these tests available under the MIT license for general use. The archive may be downloaded here.

Implementation status for functions

Function Header Implemented Documented Test written
tmpfile_s stdio.h yes yes yes
tmpnam_s stdio.h yes yes yes
fopen_s stdio.h yes yes yes
freopen_s stdio.h yes yes yes
fprintf_s stdio.h yes yes yes
fscanf_s stdio.h yes yes yes
printf_s stdio.h yes yes yes
scanf_s stdio.h yes yes yes
snprintf_s stdio.h yes yes yes
sprintf_s stdio.h yes yes yes
sscanf_s stdio.h yes yes yes
vprintf_s stdio.h yes yes yes
vfscanf_s stdio.h yes yes yes
vprintf_s stdio.h yes yes yes
vscanf_s stdio.h yes yes yes
vsnprintf_s stdio.h yes yes yes
vsprintf_s stdio.h yes yes yes
vsscanf_s stdio.h yes yes yes
get_s stdio.h yes yes yes
set_constraint_handler_s stdlib.h yes yes yes
abort_handler_s stdlib.h yes yes yes
ignore_handler_s stdlib.h yes yes yes
getenv_s stdlib.h yes yes yes
bsearch_s stdlib.h yes yes yes
qsort_s stdlib.h yes yes yes
wctomb_s stdlib.h yes yes yes
mbstowcs_s stdlib.h yes yes yes
wcstombs_s stdlib.h yes yes yes
memcpy_s string.h yes yes yes
memmove_s string.h yes yes yes
strcpy_s string.h yes yes yes
strncpy_s string.h yes yes yes
strcat_s string.h yes yes yes
strncat_s string.h yes yes yes
strtok_s string.h yes yes yes
strerror_s string.h yes yes yes
strerrorlen_s string.h yes yes yes
strnlen_s string.h yes yes yes
asctime_s time.h yes yes yes
ctime_s time.h yes yes yes
gmtime_s time.h yes yes yes
localtime_s time.h yes yes yes
fwprintf_s wchar.h yes yes yes
fwscanf_s wchar.h yes yes yes
snwprintf_s wchar.h yes yes yes
swprintf_s wchar.h yes yes yes
swscanf_s wchar.h yes yes yes
vfwprintf_s wchar.h yes yes yes
vfwscanf_s wchar.h yes yes yes
vsnwprintf_s wchar.h yes yes yes
vswprintf_s wchar.h yes yes yes
vswscanf_s wchar.h yes yes yes
vwprintf_s wchar.h yes yes yes
vwscanf_s wchar.h yes yes yes
wprintf_s wchar.h yes yes yes
wscanf_s wchar.h yes yes yes
wcscpy_s wchar.h yes yes yes
wcsncpy_s wchar.h yes yes yes
wmemcpy_s wchar.h yes yes yes
wmemmove_s wchar.h yes yes yes
wcscat_s wchar.h yes yes yes
wcsncat_s wchar.h yes yes yes
wcstok_s wchar.h yes yes yes
wcsnlen_s wchar.h yes yes yes
wcrtomb_s wchar.h yes yes yes
mbsrtowcs_s wchar.h yes yes yes
wcsrtombs_s wchar.h yes yes yes

Other items

The __STDC_LIB_EXT1__ macro is predefined by the C compiler to 200509L to indicate TR 24731 support. This macro can be queried whether the support is available. To use the Safer C functions, #define __STDC_WANT_LIB_EXT1__ 1 before including standard header.

Personal tools