s/String discussion (again)

The point is not about « can not use them ».

If you deal with a small nail, you don’t go grab the sledgehammer; you use your brain and pick the right tool for the job.

What I’m saying is that they don’t replace them but are an extra tool to use when you don’t need the extra capability.

Say you have a large global buffer you reuse to build various URLs with parameters. It would be OK by me to strcpy() the initial first part of the URL (« http://server.com/project/dothis » or « http://server.com/project/dothat ») as you know for sure there is enough room for this text.

Then in a loop you would use strlcat() for adding your parameters, for example, esp. if there is unknown data length at compile time, and check for proper behavior.

But you could also check the available memory in the buffer before using strcat() if you don’t want to mess up the buffer content (add part of a parameter and have a complex fall back error management to get to the previous content) and decide to send a well formed (even if incomplete) request and then repeat for the remaining data (sending well formed chunked requests maximizing buffer size for example if you are in a fixed size packet based radio).

Why would you use strlcpy() for the first one or use strlcat() for the other ones if you check room beforehand to keep a well formed URL in the buffer besides following corporate coding guidelines?

There is no risk, it’s a function call doing the right thing and not premature optimization in my view. It’s the normal hammer, not the sledgehammer.

It’s fine if you see differently or if you make the coding rules in your company and just want to not have to deal with deeper code review at all for engineering cost reasons and are fine with the additional small performance/resource penalty - but don’t make abusive generalizations and say the code will crash if you do this. It won’t if you have your brain on when you code.

My point - when coding for small microcontrollers especially - is know your tools and use the right one for the task at hand but follow corporate rules if there is such a norm where you develop. (I’ve seen thriving environments with both approaches - those with strict code reviews and more freedom in coding tend to attract and retain better programmers.)

PS: and because you are a smart programmer who knows its functions, you do that yourself in your library...

or is it "do as I say, not as I do" :slight_smile: :innocent:

@J-M-L Get back to me when you have finished 'hand waving' and have some real world sketches to discuss.

I guess you are out of argument….

This is not a philosophical discussion group. It is about 'real' code. When you get to that point we can continue.

It’s the bar category…

And meta level discussion is applicable to all sorts of code and situation. I gave you use cases. Can’t you handle abstraction?

Besides, what’s the value of posting code that works?

You have yet to post 'working' code for strcat.
Or a 'working' version of https://forum.arduino.cc/t/use-of-string-char-causes-arduino-code-to-restart/ that won't crash on unexpected input.
As I said get back to me when you start working in the real world.

and never make mistakes OR change the code later OR have to deal with input of unknown length.
You are driving without a seat belt there. No problems until you crash.

That's the beauty of libraries you write them once and debug them and then reuse them.
You are proposing rewriting and debugging continually.
Bound to get more errors that way.
Not a very productive approach, but if that's how you want to spend your time, you have more time than I do.
You will see from the SafeString code that it does A LOT of error checking that I would not want to rewrite every time.

You have made a lot of high level comments that hide the nitty detail -- still no example sketches to illustrate the code required.

of course. but that's using the sledgehammer all the time, even when you don't have to.

You are proposing rewriting and debugging continually

No I'm saying be careful and use the right tool when necessary.

still no example sketches to illustrate the code required

I don't get your insistence.

You did so in your library, I'm sure after careful consideration.. why didn't you call strlcpy() instead of strcpy() ? why did you use a char buffer instead of a String? ( :slight_smile: )

The point is not that saving those resources is always critical, the point is that doing unneeded work is a bad idea. Don't need it? don't do it.

I did not know they existed on Arduino :frowning:

The whole point of the library is to provide an alternative to String based on static char[ ]. Was that not obvious to you?

My objections to strcpy are based on a real life example of the crashes it causes.
Without example sketches your discussion is just all talk and opinion.
Not much use for OP's on this forum.

Kinda like a man who is his own lawyer has a fool for a client.

a7

Wasn’t the smiley next to it obvious?

So you want to see questions about code properly written that does not crash?

Most of the string questions where code crashes are either abusing the String class or have buffer overflow because OPs were careless or clueless. Using strlcpy() without testing the result for proper execution would have led to misbehavior in the code. If they had checked before, they would not need to use the l version. By posting their question, they gained useful knowledge. Learning from mistakes is powerful.

And of course I don’t buy your explanation of why you used strcpy()…
remember you wrote

Start a new post when you have finished 'hand waving' and have some real sketches to discuss.

Yeah… that’s what people say when they don’t have any meaningful point to bring to the table.

When you are ready to bring real sketches to the table we can continue. Otherwise just hot air.
I am not here to 'point' score but to refine my understanding of what works in the real world so I can better advise the posters, backed up with real code examples.

As I said earlier you are making general statements which you present as the unique truth. That’s what I disagree with. There are use cases for strcpy or strcat versus strlcpy/strlcat, I gave you some.

What works in real world does not make it to the forums’ questions…

I have code happily running without your class, without n or l version of strcpy or strcat…

And if 7 digits for double ought to be enough for everything in the world, why did we invent 64 bits double or even support long double in many architectures?

I guess enough for this thread, I’ll see you in another one.

Ahh the secret code you will not share.
What is the first advice of this forum to posters
Post the code!!

Come on - let’s be serious a minute - The first advice is post the code …. when they have an issue…

my code is totally fine. Running for years indoor and outdoor.

So talking about real code: will you replace your strcpy that is fine with strlcpy and test for proper completion in your library? Who knows, those 4 or 5 characters might have a tough time fitting in the 33 byte buffer. If you talk the talk, you should walk the walk...

Or would you recognise this is uncalled for, unneeded, a good example of code that will be solid (well - you allocated the buffer on the stack - something else that can go wrong… maybe need to check stack availability?)

If you want to continue this discussion.
Post an example sketch to discuss.

here you go.

char result[33];
double d = 1.2345678901234567890;
int decs = 10;

void setup() {
  Serial.begin(115200);
  Serial.println();
  if (isnan(d))                 strcpy(result, "nan");
  else if (isinf(d))            strcpy(result, "inf");
  else if (d >= 4294967039.0)   strcpy(result, "ovf");  // constant determined empirically
  else if (d <= -4294967039.0)  strcpy(result, "-ovf"); // constant determined empirically
  else if (decs > 7)            decs = 7;               // seems to be the limit for print
  dtostrf(d, 1, decs, result);

  Serial.println(d, decs);
  Serial.println(result);
}

void loop() {}

Should I be worried about using strcpy() or dtostrf()? I've read they are really bad and will crash my sketch :wink:

Are you suggesting this is a one off 'sketch' that a user on this forum would write?
Looks more like a library function.
Actually looks like you copied that code from my SafeString library.
Is none of your own code good enough to be seen?

This is what users actually post: float/double in sprintf without and with dtostrf

void setup()
{
    double dblB = 0.31830988;
    char buf[20];

    SerialUSB.begin(9600);
    delay(2000);
    SerialUSB.println("dtostrf() demo program");

    dtostrf(dblB, 0, 8, buf);
    SerialUSB.println(buf);
}

Which is why I recommend my SafeString library function, because dtostrf( ) is easy to get wrong and result in a buffer overflow.
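
The check-before-append approach argued for earlier in the thread (strcpy() for a base that is known to fit, then testing the remaining room before each strcat() so the buffer always holds a well-formed URL and the rest goes out in further requests), written out as an added example that is not any poster's code. The 56-byte buffer, `transmit()` and the function names are assumptions, and the sample parameters are constructed.

```c
#include <stdio.h>
#include <string.h>

#define BASE "http://server.com/project/dothis"
#define URL_BUF_SIZE 56                 /* assumed packet payload size */
_Static_assert(sizeof BASE <= URL_BUF_SIZE, "base URL must fit");

static char url[URL_BUF_SIZE];          /* the reused global buffer */
static char last_sent[URL_BUF_SIZE];    /* stand-in for the radio: keeps last request */

static void transmit(const char *request) {   /* hypothetical send routine */
    strcpy(last_sent, request);         /* same size as url, so it always fits */
    puts(request);
}

/* Append "?key=value" or "&key=value" only if all of it fits.
   Returns 1 on success, 0 with the buffer left untouched otherwise. */
static int url_add_param(const char *key, const char *value) {
    size_t used = strlen(url);
    size_t need = 1 + strlen(key) + 1 + strlen(value);
    if (need > sizeof url - 1 - used) return 0;   /* keep room for the NUL */
    strcat(url, strchr(url, '?') ? "&" : "?");
    strcat(url, key);
    strcat(url, "=");
    strcat(url, value);
    return 1;
}

/* Send n parameters in as few well-formed requests as possible.
   Returns the number of requests sent, or -1 if one parameter cannot
   fit even in an otherwise empty request. */
static int send_params(const char *const *keys, const char *const *vals, size_t n) {
    int sent = 0;
    size_t i = 0;
    strcpy(url, BASE);                  /* size checked at compile time above */
    while (i < n) {
        if (url_add_param(keys[i], vals[i])) { i++; continue; }
        if (!strchr(url, '?')) return -1;         /* too long for any request */
        transmit(url); sent++;
        strcpy(url, BASE);              /* start the next chunk */
    }
    if (strchr(url, '?')) { transmit(url); sent++; }
    return sent;
}

int main(void) {
    const char *k[] = { "t", "h", "id" };             /* constructed sample data */
    const char *v[] = { "21.5", "40", "sensor-kitchen" };
    return send_params(k, v, 3) == 2 ? 0 : 1;
}
```

The unchecked strcpy()/strcat() calls are only sound because of the compile-time size assertion and the length test that precedes them; if either is removed or the buffer size changes without them, the calls become overflows.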