[fossil-users] C Best Practices
I have been using C for many more projects over the past year. I enjoy writing projects in C because they are fast, reasonably portable (across unices), and have a small footprint. The coding style is natural to me and I enjoy having insight into some of the lower level details. I approach the language with caution, however, due to its pointy sharp edges.

It seems that wherever I turn on the Internet, others decry the notion of using C for anything other than low-level systems programming. Creating a web app in C seems universally panned, and the Internet questions the sanity of all who attempt it. Fossil has carved out its own little niche in the face of this.

My sense is that this list is rife with C aficionados, or at least people who see the advantages, and I thought it might be fun to discuss a few techniques we use to create secure, stable applications using this language.

I realize this might be a little off-topic for the fossil users list, and I apologize in advance for that. Call it my end-of-year indulgence. I think it's an advantage, though, because we might be able to get better viewpoints than those we so often find on the internet (particularly from Richard).

For those who use/prefer C, how do you make sure your applications are secure? Is there a concise, pragmatic summary of techniques for secure code?

What pitfalls do you encounter with C and how do you address these? It seems like the biggest issue is lack of standard data types.

What advice would you give to someone who spent the last year getting comfortable with the C environment and wants to take advantage of all it has to offer?

Thanks!

___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] C Best Practices
On Mon, Dec 30, 2013 at 8:38 PM, Sean Woods s...@seanwoods.com wrote:

> I realize this might be a little off-topic for the fossil users list, and I apologize in advance for that. Call it my end-of-year indulgence. I think it's an advantage, though, because we might be able to get better viewpoints than those we so often find on the internet (particularly from Richard).

i'll go ahead and voice some thoughts before this thread gets banned as being too OT ;).

> For those who use/prefer C, how do you make sure your applications are secure? Is there a concise, pragmatic summary of techniques for secure code?

In my experience, if inputs and ranges are valid/validated, there's very little which can happen in terms of buffer-related security. A lot of historical security holes (arguably the majority) were caused by laziness (or poor assumptions) on someone's part. Security against, e.g., SQL injection is much more problematic nowadays, i think, and we (==Fossil devs) try to take care to use sqlite3's facilities for avoiding those (e.g. using bound parameters instead of direct SQL string creation, and using sqlite's %q/%Q format specifiers when bound parameters are not feasible/practical).

> What pitfalls do you encounter with C and how do you address these? It seems like the biggest issue is lack of standard data types.

The lack of standard higher-order data types is certainly a big time sink for many apps, but OTOH it forces us to write case-specific solutions which are possibly a better fit for the task at hand (and possibly more efficient). That lack is a mixed blessing, IMO. i've learned to accept it. i came back to C after growing up in the STL-using C++ world. The STL is a _huge_ time saver, and compilers are good enough to optimize out some of the levels of perceived inefficiencies. (And it's a simple fact that the STL saves development time over hand-writing/testing custom data structures which do the same thing.)

> What advice would you give to someone who spent the last year getting comfortable with the C environment and wants to take advantage of all it has to offer?

Oh, boy. As a matter of fact... a few years ago i posed myself a very similar question a while after i had gotten (back) into C, and i ended up writing:

http://wanderinghorse.net/computing/papers/DoingOOInC.pdf
http://wanderinghorse.net/computing/papers/#oo_c

that's an article on how [i prefer] to model OO in C (because i'm not happy with most approaches i see in C code).

Other than that, my advice would be to find projects which successfully deploy C and study them. sqlite is certainly the example which comes foremost to mind. In C anything is possible, which leaves the doors wide open as to what and how things get programmed, with no single right/wrong answer for the vast, vast majority of the programming problems out there. But you certainly knew that there would be no simple "do this and this and this" answer to your question ;).

--
- stephan beal
http://wanderinghorse.net/home/stephan/
http://gplus.to/sgbeal
"Freedom is sloppy. But since tyranny's the only guaranteed byproduct of those who insist on a perfect world, freedom will have to do." -- Bigby Wolf
Re: [fossil-users] C Best Practices
I'm a die-hard C junkie and it's done me well over the years. Most of my career has been writing C for embedded systems where the newest high-level language runtime just won't fit. I've written some fairly unconventional human-machine-interface web apps where the server side is written in C and it worked great. I love using fossil because it works everywhere and when it doesn't do what I want it to, it's easy to change it. I think its extreme portability is attributed to the fact that it's well designed and written in C. C's not the end-all but in my experience it's been quite effective, and long lived.

http://en.wikipedia.org/wiki/C_(programming_language)

On Mon, Dec 30, 2013 at 2:02 PM, Stephan Beal sgb...@googlemail.com wrote:

> On Mon, Dec 30, 2013 at 8:38 PM, Sean Woods s...@seanwoods.com wrote:
>
> > I realize this might be a little off-topic for the fossil users list, and I apologize in advance for that. Call it my end-of-year indulgence. I think it's an advantage, though, because we might be able to get better viewpoints than those we so often find on the internet (particularly from Richard).
>
> i'll go ahead and voice some thoughts before this thread gets banned as being too OT ;).
>
> > For those who use/prefer C, how do you make sure your applications are secure? Is there a concise, pragmatic summary of techniques for secure code?
>
> In my experience, if inputs and ranges are valid/validated, there's very little which can happen in terms of buffer-related security. A lot of historical security holes (arguably the majority) were caused by laziness (or poor assumptions) on someone's part. Security against, e.g., SQL injection is much more problematic nowadays, i think, and we (==Fossil devs) try to take care to use sqlite3's facilities for avoiding those (e.g. using bound parameters instead of direct SQL string creation, and using sqlite's %q/%Q format specifiers when bound parameters are not feasible/practical).
>
> > What pitfalls do you encounter with C and how do you address these? It seems like the biggest issue is lack of standard data types.
>
> The lack of standard higher-order data types is certainly a big time sink for many apps, but OTOH it forces us to write case-specific solutions which are possibly a better fit for the task at hand (and possibly more efficient). That lack is a mixed blessing, IMO. i've learned to accept it. i came back to C after growing up in the STL-using C++ world. The STL is a _huge_ time saver, and compilers are good enough to optimize out some of the levels of perceived inefficiencies. (And it's a simple fact that the STL saves development time over hand-writing/testing custom data structures which do the same thing.)
>
> > What advice would you give to someone who spent the last year getting comfortable with the C environment and wants to take advantage of all it has to offer?
>
> Oh, boy. As a matter of fact... a few years ago i posed myself a very similar question a while after i had gotten (back) into C, and i ended up writing:
>
> http://wanderinghorse.net/computing/papers/DoingOOInC.pdf
> http://wanderinghorse.net/computing/papers/#oo_c
>
> that's an article on how [i prefer] to model OO in C (because i'm not happy with most approaches i see in C code).
>
> Other than that, my advice would be to find projects which successfully deploy C and study them. sqlite is certainly the example which comes foremost to mind. In C anything is possible, which leaves the doors wide open as to what and how things get programmed, with no single right/wrong answer for the vast, vast majority of the programming problems out there. But you certainly knew that there would be no simple "do this and this and this" answer to your question ;).
>
> --
> - stephan beal
> http://wanderinghorse.net/home/stephan/
> http://gplus.to/sgbeal
> "Freedom is sloppy. But since tyranny's the only guaranteed byproduct of those who insist on a perfect world, freedom will have to do." -- Bigby Wolf
Re: [fossil-users] C Best Practices
On Mon, 30 Dec 2013 14:38:55 -0500, Sean Woods s...@seanwoods.com wrote:

> I have been using C for many more projects over the past year. I enjoy writing projects in C because they are fast, reasonably portable (across unices), and have a small footprint. The coding style is natural to me and I enjoy having insight into some of the lower level details. I approach the language with caution, however, due to its pointy sharp edges.
>
> It seems that wherever I turn on the Internet, others decry the notion of using C for anything other than low-level systems programming. Creating a web app in C seems universally panned, and the Internet questions the sanity of all who attempt it. Fossil has carved out its own little niche in the face of this.
>
> My sense is that this list is rife with C aficionados, or at least people who see the advantages, and I thought it might be fun to discuss a few techniques we use to create secure, stable applications using this language.
>
> I realize this might be a little off-topic for the fossil users list, and I apologize in advance for that. Call it my end-of-year indulgence. I think it's an advantage, though, because we might be able to get better viewpoints than those we so often find on the internet (particularly from Richard).
>
> For those who use/prefer C, how do you make sure your applications are secure? Is there a concise, pragmatic summary of techniques for secure code?
>
> What pitfalls do you encounter with C and how do you address these? It seems like the biggest issue is lack of standard data types.
>
> What advice would you give to someone who spent the last year getting comfortable with the C environment and wants to take advantage of all it has to offer?

...

When I put on one plate of a balance the cost in time to develop an app and on the other plate the cost to use/deploy the app, the first one always wins.

What I want to say is that developing an app in C may cost a bit more time, but when you have to use it, you need a lot less hardware, energy, refrigeration, maintenance, etc... for the rest of the app's life. We replaced a Java multi-server web app with a C one on a single server and amortized the development in 2 months.

Some advice:

a) Don't reinvent the wheel; use already trusted, developed libs.
b) Don't use pointer arithmetic if you don't understand it. Learn first and try.
c) Read RFC 1925, it's the best of all RFCs. It's not a joke.
d) Don't use the old standard I/O functions; some aren't secure. You can find a list on the Internet.
e) Don't use malloc and companions directly; use a function or an inline function for memory management. You can find examples of how to do that in postgresql, sqlite, etc...
f) Be clear on what the app must do and what it must not. Development time is money.
g) All functions must return something, at least an error code.
h) Think twice, organize and plan the development before pressing any key.
i) Test your code; you don't need to be an expert on TDD to write tests, but it helps.
j) Measure your code's performance AFTER having a working project. You can create the metrics code while developing the tester code.

If you need to develop a time-limited project, you can use these already trusted libraries with BSD/MIT/X11/Public Domain (GPL FREE) licenses:

a) app skeleton: libevent http://libevent.org/
b) libbsd utilities: http://libbsd.freedesktop.org/wiki/
c) scgi programming: http://www.xamuel.com/scgilib/
d) database ;) http://www.sqlite.org
e) security/crypto: Botan (C++11) http://botan.randombit.net/

We are changing from 0MQ (GPL) to nanomsg (BSD) for distributed messaging; nanomsg is still in alpha state but works!

I repeat, the c) point is not a joke.

Thanks!

HTH

P.S. Remember to read the c) point!
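
Items d), e) and g) of the advice list above, combined in one sketch. This is an added example, not code from the thread, Fossil or SQLite; `buf_t`, `mem_resize`, `buf_append`, `buf_free` and the `BUF_*` codes are hypothetical names.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Item g: every function reports an error code (names are hypothetical). */
enum { BUF_OK = 0, BUF_ENOMEM = -1, BUF_ERANGE = -2, BUF_EINVAL = -3 };
/* Growable byte buffer; data is NUL-terminated after any successful append. */
typedef struct { char *data; size_t len, cap; } buf_t;

/* Item e: the only realloc call site; rejects n*size overflow. */
int mem_resize(void **p, size_t n, size_t size) {
    if (p == NULL || n == 0 || size == 0) return BUF_EINVAL;
    if (n > SIZE_MAX / size) return BUF_ERANGE;
    void *q = realloc(*p, n * size);
    if (q == NULL) return BUF_ENOMEM;  /* old block is still valid */
    *p = q;
    return BUF_OK;
}

/* Item d: append with an explicit length instead of strcat/sprintf. */
int buf_append(buf_t *b, const char *src, size_t n) {
    if (b == NULL || (src == NULL && n != 0)) return BUF_EINVAL;
    if (n > SIZE_MAX - b->len - 1) return BUF_ERANGE; /* len+n+1 would wrap */
    size_t need = b->len + n + 1;
    if (need > b->cap) {
        size_t cap = b->cap ? b->cap : 16;
        while (cap < need) cap = (cap > SIZE_MAX / 2) ? need : cap * 2;
        void *p = b->data;
        int rc = mem_resize(&p, cap, 1);
        if (rc != BUF_OK) return rc; /* b is unchanged on failure */
        b->data = p; b->cap = cap;
    }
    if (n != 0) memcpy(b->data + b->len, src, n);
    b->len += n;
    b->data[b->len] = '\0';
    return BUF_OK;
}

void buf_free(buf_t *b) {
    if (b != NULL) { free(b->data); b->data = NULL; b->len = b->cap = 0; }
}

int main(void) { /* constructed sample input */
    buf_t b = {0};
    int rc = buf_append(&b, "hello", 5);
    if (rc == BUF_OK) rc = buf_append(&b, ", world", 7);
    buf_free(&b);
    return rc == BUF_OK ? 0 : 1;
}
```

Callers never touch `realloc` or the `str*` functions directly, so the overflow and length checks live in one place that can be tested on its own.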