From: Claudio V. C. <cv...@us...> - 2004-06-05 09:34:45
People, as you know, literal strings should be treated as constant strings. Why didn't C++ enforce that? Because almost no C program would have compiled in C++. In that scenario, C++ would hardly have gained momentum. I've always been worried by cases where things like this may happen:

    char* p = "hello";
    ...
    strcpy(p, "bye");

The "hello" could even be stored with the rest of the code, given some compiler/platform combination. Having the possibility to modify a literal string is IMO a disaster waiting to happen. What if the platform enforces some protection on the code section? We don't have segment/offset issues anymore, but anyway, due to buffer overrun attacks and other issues, even HW may start enforcing R/O attributes where the code resides.

Apparently, the C++ committee has decided to close the hole in the C++ type system and in the future, literal strings will be enforced as constant strings. Not that I'm in a rush to satisfy the committee, but from a pragmatic POV, I find literals that may be overwritten worse than a trap.

I spent "a few minutes" to hunt down several suspicious places in the engine and (think that) fixed them. Changes seemed to be trivial. However, I ask for peer review of the following places, to ensure I didn't screw FB:

dsql/ddl.cpp: modify_privileges
jrd/isc.cpp: ISC_get_user (UNIX version)
jrd/jrd.cpp: check_database

There are more places, a bit subtler than the ones I changed, especially when assigning literal strings through ugly casts to the status vector, but this is a task for another day. I'm going to commit now.

BTW, this status vector needs a visit to the doctor. Assigning a pointer to an ISC_STATUS may not be a joke if the former is bigger in size.

C.
--
Claudio Valderrama C.
Consultant, SW developer.
www.cvalde.net - www.firebirdSql.org
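Added example, not part of the original message or of the Firebird code base: a POSIX C sketch of what the strcpy above runs into once the platform enforces read-only storage. The helper names write_is_trapped and place_hello are hypothetical, and an mprotect'ed anonymous page stands in for the section a compiler might place "hello" in, so the demonstration does not rely on undefined behaviour.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run strcpy(dst, "bye") in a child process so a fault cannot take the
 * caller down. Returns 1 if the write was trapped, 0 if it went through,
 * -1 if the child could not be created or reaped. */
static int write_is_trapped(char *dst)
{
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        strcpy(dst, "bye");              /* faults if the page is read-only */
        _exit(strcmp(dst, "bye") == 0 ? 0 : 1);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

/* Constructed stand-in for a literal: "hello" copied into a private page,
 * which is then made read-only when read_only is non-zero. */
static char *place_hello(int read_only)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    strcpy(p, "hello");
    if (read_only && mprotect(p, len, PROT_READ) != 0) {
        munmap(p, len);
        return NULL;
    }
    return p;
}

int main(void)
{
    char *ro = place_hello(1), *rw = place_hello(0);
    if (!ro || !rw) return 2;
    printf("read-only storage: trapped=%d\n", write_is_trapped(ro));
    printf("writable storage:  trapped=%d\n", write_is_trapped(rw));
    return 0;
}
```

Declaring the pointer as const char* turns the same mistake into a compile-time diagnostic instead of a run-time fault.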