From: Francis Glassborow on 27 Dec 2006 15:48 In article <1167173557.668581.135420(a)i12g2000cwa.googlegroups.com>, Greg Herlihy <greghe(a)pacbell.net> writes >Unless, of course, the string literal happens to have a different value >because the C++ program has changed it. > >There is, after all, nothing in C++ that guarantees that the value of a >string literal is immutable. The Standard states only that attempting >to modify a const value is "undefined' - which includes the possibility >that such modification is allowed. So a C++ implementation that allows >modification of string literal values is just as conforming to the C++ >Standard as an implementation that does not allow such changes - so any >C++ program that counts on one behavior instead of the other is >necessarily relying on non-portable, implementation-dependent behavior >to guarantee its secure operation. A C++ program has no choice but to >look elsewhere than the C++ Standard for anything related to its secure >operation, because "security" as a concept is one entirely absent from >the C++ Standard. However, if you bind a string literal to a char const * and avoid using casts that will overrule that then your implementation must NOT modify the string literal. While most forms of undefined behaviour can be defined by the implementation, I am pretty certain that defining mutation of literals to be OK would be unacceptable. If an implementor did that, s/he better be very careful that literals are all discrete and do not share storage. -- Francis Glassborow ACCU Author of 'You Can Do It!' and "You Can Program in C++" see http://www.spellen.org/youcandoit For project ideas and contributions: http://www.spellen.org/youcandoit/projects [ See http://www.gotw.ca/resources/clcm.htm for info about ] [ comp.lang.c++.moderated. First time posters: Do this! ] |