[Vortex] Safe string functions

Robert M. Münch robert.muench at robertmuench.de
Wed Apr 16 15:47:40 CEST 2008

On Mon, 14 Apr 2008 11:15:26 +0200, Francis Brosnan Blazquez  
<francis at aspl.es> wrote:

> My first impression is that using a managed implementation does not
> provide safety per se.

Hi, well, I think this topic is like "which programming language is the  
best?". Nevertheless I think code safty comes from using and integrating a  
lot of different aspects.

> We have worked to remove all dependencies on external projects we think
> tend to provide bad results, to write clean implementations that are
> checked against regression tests (with tools like valgrind) which not
> only ensure we don't leak, but all memory access are properly done.

To keep dependencies to a minimum is absolut the right way. Here, the code  
base is simple, small and doesn't add any dependencies because you could  
include the code.

And, I don't referr to memory leaks etc. this is something that can be  
solved by knowing your handwork. I'm more thinkin about what kind of  
messages will bomb a server.

> For us, safety comes from a constant work checking all APIs introduced
> as much as possible and then run regression tests under different
> environments.

Well, a regression test can only show the presence of a problem never its  
absence. ;-) Same for leak detection.

My point is, that submitting wrong formed meseages etc. can result in code  
being executed that shouldn't. IMO using managed strings can reduce this  
risk by a magnitude.

However, just wanted to note that in these times this is a critical issue  
to take care about. Robert

More information about the Vortex mailing list