On Oct 1, 2002 at 01:42, q u a s i wrote:
At 10:18 even 9/29/02 -0700, Satya wrote:
Fixed-size arrays are often (not always) bad.
ummm... Would it be possible to enlighten us (me) on this issue?
Classic buffer overflow. Say you have:
char buf[80]; /* i like 80 */
and you read user input or network data into that buffer, without checking bounds.
Even if you do bounds checking, you'll have a limited input condition.
This is fine if, for example, you're reading birthdates in yyyymmdd format (example, could be mm-dd-yyyy for all I care), you know it's always going to be 8 (or 9, considering Y10K) chars (plus 1 for the trailing null, which depending on your application you may not need), so you can have that be static.
But it's safest to malloc and realloc, because then you're only limited by how much memory the OS is willing to give you.