
Pavel Antokolsky aka Zigmar wrote:
For me personally, the reason I didn't submit any review, that I'm not completely understand the purpose of the library. The documentation (as few mentioned) lacks motivation and general description. So how can I review the library, if I can't understand what the library is trying to solve and how. I can't say for others, but for it is the reason. I suggest that even if documentation can't be updated during formal review, that the author will give a little more extended explanation here, at mail list.
The main aim of the library was presented in the "The Problem"/"The Solution" sections (the first ones) of the documentation. Normally, in C (or even some C++ code), you have constructs that look like this: char buffer[ 15 ]; sprintf( buffer, "Some %s text", "verly long" ); The problem is that the above would cause a buffer overrun, which is the most common cause of denial of service attacks and other security holes in major applications. The variant that allows you to specify the size of the string buffer is better, but not prefect. Consider the following: wchar_t buffer[ 5 ]; wcsncpy( buffer, sizeof(buffer), L"12345678" ); At first glance, this code looks safe, but will also cause a buffer overrun. The fixed_string class is designed to solve this problem. The above examples would be: fixed_string< 15, char > buffer; sprintf( buffer, "Some %s text", "verly long" ); and: fixed_string< 5, wchar_t > buffer; wcscpy( buffer, L"12345678" ); If the introduction does not make this clear, I have written the documentation wrong. *This* is why feedback is useful - to know what people don't understand about the documentation, so I can address those issues for the next review. Otherwise, the documentation will most likely still suffer from the same problems. Also, the C and C++ string implementations do not prevent you passing in null strings. Thus, in the msvc 7.1 implementation, the following will cause a run-time crash: std::string foo( 0 ); std::ostringstream ss; ss << "Crash! Boom! Bang!" << static_cast< const char * >( 0 ) << std::endl; - Reece