3.4. Using the SafeStr Library
You want an alternative to using the standard C string-manipulation functions to help avoid buffer overflows (see Recipe 3.3), format-string problems (see Recipe 3.2), and the use of unchecked external input.
Use the SafeStr library, which is available from http://www.zork.org/safestr/.
The SafeStr library provides an implementation of dynamically sizable strings in C. In addition, the library performs reference counting and keeps account of both the allocated and the actual size of each string. Any attempt to increase the actual size of a string beyond its allocated size causes the library to increase the allocated size of the string to a size at least as large. Because strings managed by SafeStr (“safe strings”) are dynamically sized, safe strings are not a source of potential buffer overflows. (See Recipe 3.3.)
Safe strings use the type safestr_t, which can actually be cast to the normal C-style string type, char *, though we strongly recommend against doing so where it can be avoided. In fact, the only time you should ever cast a safe string to a normal C-style string is for read-only purposes. This is also the only reason why the safestr_t type was designed in a way that allows casting to normal C-style strings.
Casting a safe string to a normal C-style string and modifying it using C-style string-manipulation functions or other means defeats the protections and accounting afforded by the SafeStr library.
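To make the bookkeeping described above concrete, here is an added example (not SafeStr's own code) of a minimal C string type that tracks an allocated size, an actual length and a reference count, grows its buffer on append so the append cannot overflow, and exposes the buffer only as a read-only const char *. The type rcstr_t and the rcstr_* functions are hypothetical names for this illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical rcstr_t: the same bookkeeping the SafeStr discussion describes. */
typedef struct {
    size_t alloc; /* bytes allocated for buf, including the terminating NUL */
    size_t len;   /* actual length in use, excluding the NUL */
    int refs;     /* reference count; storage is freed when it drops to zero */
    char *buf;
} rcstr_t;

rcstr_t *rcstr_create(const char *src) {
    rcstr_t *s = malloc(sizeof *s);
    if (!s) return NULL;
    s->len = strlen(src);
    s->alloc = s->len + 1;
    s->buf = malloc(s->alloc);
    if (!s->buf) { free(s); return NULL; }
    memcpy(s->buf, src, s->alloc);
    s->refs = 1;
    return s;
}

/* Ensure room for `need` bytes plus the NUL, growing the allocation geometrically. */
static int rcstr_reserve(rcstr_t *s, size_t need) {
    size_t n = s->alloc;
    if (need == SIZE_MAX) return 0;     /* need + 1 would wrap around */
    if (need + 1 <= n) return 1;        /* already fits in the allocated size */
    while (n < need + 1) n = (n > SIZE_MAX / 2) ? need + 1 : n * 2;
    char *p = realloc(s->buf, n);
    if (!p) return 0;                   /* on failure the old buffer stays valid */
    s->buf = p;
    s->alloc = n;
    return 1;
}

/* Append a C string; the allocated size is raised first, so no overflow is possible. */
int rcstr_append(rcstr_t *s, const char *src) {
    size_t n = strlen(src);
    if (n > SIZE_MAX - s->len || !rcstr_reserve(s, s->len + n)) return 0;
    memcpy(s->buf + s->len, src, n + 1);
    s->len += n;
    return 1;
}

/* Read-only view: the only way the raw buffer is handed out, mirroring the
 * advice to cast a safe string to char * for read-only purposes alone. */
const char *rcstr_cstr(const rcstr_t *s) { return s->buf; }
rcstr_t *rcstr_ref(rcstr_t *s) { s->refs++; return s; }
void rcstr_release(rcstr_t *s) { if (s && --s->refs == 0) { free(s->buf); free(s); } }
```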
The SafeStr library ...