void formatn(INT64 number, char* formated){
char CStr[60]="";
sprintf(CStr,"%d",number);
std::string str = CStr;
for (int i = str.length()-3; i > 0; i -= 3){
str.insert(i, ".");
}
strcpy(formated, str.c_str());
}
It doesn't work if the thousands seperator is the ",".
Use the system's locale to determine the thousands seperator, and not hard code the character. There are various Windows and C++ locale functions to determine this. Or at the very least, pass the thousands seperator as another parameter.
Secondly, why are you mixing 'C' and C++ style strings? Your function will not be correct if formated is too small.
It doesn't work if the thousands seperator is the ",".
Use the system's locale to determine the thousands seperator, and not hard code the character. There are various Windows and C++ locale functions to determine this. Or at the very least, pass the thousands seperator as another parameter.
Secondly, why are you mixing 'C' and C++ style strings? Your function will not be correct if formated is too small.
I want it to be independant from regional settings.
So pass it as a parameter and do not hard code it into the function.
I use c style strings cause I mostly work with char arrays.
So why are you using char arrays instead of std::string? You're using std::string in the function.
Secondly, it still doesn't invalidate what I'm saying -- if formated is too small, that function will not work correctly as you will have a memory overwrite. You make no check to see if that char* actually has enough room. The user should pass to you the size of the buffer, so that you copy the right amount instead of overflowing.
Also, if I pass a string-literal to your function, it will also fail, probably crash:
Code:
char *p = "abc12345674533";
formatN( 1000, p ); // this will crash.
The bottom line is that your function is easily broken, and a properly written C++ function shouldn't be so fragile.
Regards,
Paul McKenzie
Last edited by Paul McKenzie; October 9th, 2010 at 06:10 PM.
Thx for your sugerencies, the buffer will be reserved specially to recive these numbers, also the values come directly from a Unsigned integer variable.
there is no user imput, just to report progress, i think there wont be problems, but im taking care about your sugerencies.
I always prefered chars arrays over strings cause i feel more control about and best performance working with char arrays since, i know exactly whats going on.
Instead im not 100% sure whats going on inside the strings class.
your comment still useful since i needed the way to pass a string by reference and i saw your comment.
std::string& formated =D
fixed my problem with another function im writing.
I always prefered chars arrays over strings cause i feel more control about and best performance working with char arrays since,
That is a myth that handling char arrays has "better performance" than just handling std::string.
i know exactly whats going on.
So why didn't you use char arrays in your function? Instead you used std::string to do the work. Secondly, every C++ programmer knows what is going on in an array -- that's not the point. The point is that using std::string makes the program safer and less error-prone. I already showed you how fragile your function is.
Instead im not 100% sure whats going on inside the strings class.
You don't need to know what's going on inside. You use the public interface and everything works.
The link below talks more about this with respect to programmers who use arrays instead of container and string classes.
the buffer will be reserved specially to recive these numbers,
Famous last words. If a function has a hole, expect it to be opened up at some point, regardless of where the data may come from or how careful you think you're handling data and buffers. Again, C++ functions should never have to be written with such vulnerabilities.
Regards,
Paul McKenzie
Last edited by Paul McKenzie; October 10th, 2010 at 06:22 PM.
Reply With Quote
Originally Posted by Alphadan
Bookmarks