On Wed, 2007-05-09 at 11:29 -0400, Stephen Smalley wrote: > > 4) We assume NULL-terminated strings all over the place - should we be > > providing apis with length? Alternatively, should we provide a better > > string object (since we are currently re-inventing the wheel, why not?). > > We could pull in something like James Antills Vstr library - > > http://www.and.org/vstr/ (read and be amazed at the diligence of James). > > It just seems crazy that our apis are not the safest. > > I'm not clear that tracking length separately is advantageous for these > APIs. I assume you mean "tracking length separately is not advantageous"? > What specific advantages would accrue to libsepol from using > vstr? What is the cost (incl. dependencies)? I'm not sure you need all the power of Vstr, while it certainly provides a lot of convenience functions that you could use the main design focus was on IO strings that travel across the network ... not on lots of small strings in hashtables etc. The Vstr lib. itself has no deps. However I am convinced that having just char* is not a suitable string ADT, tracking the length/size separately never works out well from a bugs POV. Also sepol seems to do a _lot_ of comparisons, being able to implement "eq" as: (s1->len == s1->len && !memcmp(s1->ptr, s2->ptr, s1->len) ...is a major win. -- James Antill