ISO/IEC TR 24731-1:2007 信息技术 程序设计语言及其环境和系统软件接口 C语言库的扩充 第1部分：跳跃检测接口

标准编号：ISO/IEC TR 24731-1:2007

中文名称：信息技术 程序设计语言及其环境和系统软件接口 C语言库的扩充 第1部分：跳跃检测接口

英文名称：Information technology — Programming languages, their environments and system software interfaces — Extensions to the C library — Part 1: Bounds-checking interfaces

发布日期：2007-09

标准范围

ISO/IEC TR 24731-1:20 07为C库（如ISO/IEC 9899:1999中定义的）提供了替代功能，以促进更安全、更可靠的编程。这些函数验证输出缓冲区对于预期结果是否足够大，如果不够大，则返回一个失败指示符。可选地，失败的函数调用“运行时约束处理程序”来报告错误。数据永远不会被写入数组的末尾。所有字符串结果都以null结尾。此外，ISO/IEC TR 24731-1:20 07中的函数是可重入的:它们从不返回指向函数拥有的静态对象的指针。ISO/IEC TR 24731-1:20 07还包含解决C输入输出设施不安全性的功能。

ISO/IEC TR 24731-1:2007 provides alternative functions for the C Library (as defined in ISO/IEC 9899:1999) that promote safer, more secure programming. The functions verify that output buffers are large enough for the intended result, and return a failure indicator if they are not. Optionally, failing functions call a "runtime-constraint handler" to report the error. Data is never written past the end of an array. All string results are null terminated. In addition, the functions in ISO/IEC TR 24731-1:2007 are re-entrant: they never return pointers to static objects owned by the function.ISO/IEC TR 24731-1:2007 also contains functions that address insecurities with the C input-output facilities.

标准预览图