From: Glynn Clements <glynn@gclements.plus.com>
To: James Colannino <james@colannino.org>
Cc: linux-c-programming@vger.kernel.org
Subject: Re: comparing char to other known char's
Date: Fri, 24 Jun 2005 09:32:31 +0100 [thread overview]
Message-ID: <17083.50463.358080.49397@gargle.gargle.HOWL> (raw)
In-Reply-To: <42BB52E4.5090504@colannino.org>
James Colannino wrote:
> > Generally speaking (in terms of input validation), its better practice to
> > check against a LEGAL set of characters rather than an illegal set. That way
> > you can get all the characters you need, but everything else is blocked. If
> > you block illegal ones you're bound to miss a few or even ones from extended
> > charsets and input methods that you might not have thought of that could
> > wreck havoc in your program.
>
> Here's what I've whipped up based on your suggestion that I should look
> for legal characters instead of the other way around:
>
> <CODE>
>
> /* This function returns 1 if the character being checked is legal and 0
> if it isn't. */
>
> int legal_characters(char character_to_check) {
>
> int index;
> legal_characters[] =
Should be preceded by "char", i.e.
char legal_characters[] =
Better still, make it static and constant:
static const char legal_characters[] =
> "abcdefghijklmnopqrstuvwxyzAVCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-";
^
Typo; should be "B".
> int number_of_legal_chars = sizeof(legal_characters) / sizeof(char);
>
> for (index = 0; index < number_of_legal_chars; ++index) {
> if (character_to_check == legal_characters[index])
> return 1;
> }
> How does this function look?
You can replace the loop with a call to strchr(). But using a lookup
table as suggested by Eric would be significantly more efficient.
--
Glynn Clements <glynn@gclements.plus.com>
next prev parent reply other threads:[~2005-06-24 8:32 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-22 23:22 comparing char to other known char's James Colannino
2005-06-22 23:44 ` David L. Martin
2005-06-22 23:46 ` Eric Bambach
2005-06-23 0:25 ` James Colannino
2005-06-23 13:10 ` Adrian Popescu
2005-06-23 20:40 ` James Colannino
2005-06-23 22:57 ` Eric Bambach
2005-06-23 23:58 ` James Colannino
2005-06-24 0:25 ` James Colannino
2005-06-24 3:34 ` Eric Bambach
2005-06-24 5:48 ` James Colannino
2005-06-24 7:57 ` J.
2005-06-24 8:32 ` Glynn Clements [this message]
2005-06-25 11:58 ` HIToC
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=17083.50463.358080.49397@gargle.gargle.HOWL \
--to=glynn@gclements.plus.com \
--cc=james@colannino.org \
--cc=linux-c-programming@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).