diff options
author | Tilghman Lesher <tilghman@meg.abyt.es> | 2009-08-10 19:20:57 +0000 |
---|---|---|
committer | Tilghman Lesher <tilghman@meg.abyt.es> | 2009-08-10 19:20:57 +0000 |
commit | 642bec4d6fea7afad99b6a4853418081137a48ba (patch) | |
tree | 2596a6cb913ad8bd78e4670d298dc1d4682b2d23 /doc | |
parent | 41894bea92b7d2079fd666a3186b84ff92a5e0e5 (diff) |
AST-2009-005
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@211539 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'doc')
-rw-r--r-- | doc/CODING-GUIDELINES | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/CODING-GUIDELINES b/doc/CODING-GUIDELINES index c81ca5c6b..8fb213e13 100644 --- a/doc/CODING-GUIDELINES +++ b/doc/CODING-GUIDELINES @@ -412,6 +412,17 @@ you wish to put into it (even if you did not allocate the buffer yourself), use a direct strcpy(), as it can be inlined and optimized to simple processor operations, unlike ast_copy_string(). +* String conversions +-------------------- + +When converting from strings to integers or floats, use the sscanf function +in preference to the atoi and atof family of functions, as sscanf detects +errors. Always check the return value of sscanf to verify that your numeric +variables successfully scanned before using them. Also, to avoid a potential +libc bug, always specify a maximum width for each format specifier, including +integers and floats. A good length for both integers and floats is 30, as +this is more than generous, even if you're using doubles or long integers. + * Use of functions ------------------ |