The One Man MMO Project
The story of a lone developer's quest to build an online world :: MMO programming, design, and industry commentary
Eliminating Memory Stomps
By Robert Basler on 2013-10-17 00:36:00
Homepage: email:one at onemanmmo dot com

I can't remember the last time I had to spend any time finding a memory stomp. This was not always the case -- I have spent many an hour with data breakpoints. Man was I happy when those finally started working on the Wii. Today I thought I'd share a couple little things I use to eliminate overflows in my code.

Do you use C arrays? Then ARRAY_SIZE is your friend.

#define ARRAY_SIZE( x ) ( sizeof( x ) / sizeof( x[ 0 ] ) )

This little baby is super. How many times have you changed the size of an array only to have the code that uses it stomp all over your stack? I've seen a lot of code like this:

char buf[ 16 ];
for ( int a = 0; a < 32; ++a ) buf[ a ] = 0;

This is a little better:

static const int ArraySize = 32;
char buf[ ArraySize ];
for ( int a = 0; a < ArraySize; ++a ) buf[ a ] = 0;

But this is even better:

static const int ArraySize = 32;
char buf[ ArraySize ];
for ( int a = 0; a < ARRAY_SIZE( buf ); ++a ) buf[ a ] = 0;

Then there are C strings. The C library is just mental. Most of the str* functions will quite happily write all over the place. There are 'n' versions of many of these functions which you might think will give you buffer safety, but even these are dangerous. strncpy sometimes gives you non-terminated strings (when the source is n characters or longer); never, NEVER use it! strncat copies at most n characters from the second string and then adds a terminator; the n has nothing to do with the buffer size. I wrote all my own str* functions which take the destination buffer size as a parameter, but if that isn't your style, check out Microsoft's str*_s "safe" alternatives.

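void strncpya(char *d, const char *s, int sizeInChars)
{
    if ( sizeInChars == 0 ) return;    // no room, not even for a terminator
    while ( ( ( *s ) != 0 ) && ( sizeInChars != 0 ) )
    {
        ( *d ) = ( *s );
        ++d; ++s; --sizeInChars;       // advance both strings, count down the space left
    }
    if ( sizeInChars == 0 ) --d;       // buffer full: back up so the terminator fits
    ( *d ) = 0;                        // the result is always terminated
}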
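The two pitfalls described above, measured side by side with a size-taking append, as an added example that is not code from the original post. The helper name bounded_strcat, the 8-byte buffer size and the sample strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not from the post): append s to the string in d,
   where sizeInChars is the size of the WHOLE destination buffer.
   Returns 1 if all of s fit, 0 if it was truncated or d was unusable. */
int bounded_strcat( char *d, const char *s, size_t sizeInChars )
{
    char *end = (char *) memchr( d, 0, sizeInChars );
    if ( end == NULL ) return 0;            /* no terminator in range: touch nothing */
    size_t room = sizeInChars - (size_t)( end - d ) - 1;  /* free chars, terminator excluded */
    size_t n = strlen( s );
    int fit = ( n <= room );
    if ( !fit ) n = room;
    memcpy( end, s, n );
    end[ n ] = 0;                           /* always terminated, always inside the buffer */
    return fit;
}

/* Returns 1 if strncpy left an 8-byte buffer with no terminator. */
int strncpy_unterminated( const char *src )
{
    char buf[ 8 ];
    memset( buf, 'X', sizeof( buf ) );      /* make a missing terminator visible */
    strncpy( buf, src, sizeof( buf ) );
    return memchr( buf, 0, sizeof( buf ) ) == NULL;
}

/* The "logical" buffer is the first 8 bytes of a larger arena, so the overrun
   caused by passing the buffer size as strncat's n can be measured without
   undefined behaviour. Returns the number of bytes written past the 8. */
size_t strncat_overrun( void )
{
    char arena[ 32 ] = "abcde";             /* constructed sample: 5 of 8 chars used */
    const size_t cap = 8;
    strncat( arena, "0123456789", cap );    /* appends 8 chars plus a terminator */
    size_t written = strlen( arena ) + 1;
    return written > cap ? written - cap : 0;
}

/* Same input through the size-taking version: bytes used, terminator included. */
size_t bounded_written( void )
{
    char arena[ 32 ] = "abcde";
    bounded_strcat( arena, "0123456789", 8 );
    return strlen( arena ) + 1;
}
```

With strncat the correct n would be the space remaining minus one, which has to be recomputed at every call site; taking the full buffer size as the parameter moves that arithmetic into one place.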

That said, I rarely use C strings anymore; mostly I use a fully featured string class. There's C++'s string if you don't want to roll your own.

Last, but certainly not least, I use a vector template with range checking. When I'm not sure exactly how big the array can grow, the vector template supports an array which can grow dynamically, and the range checking only runs in DEBUG builds so there's no performance penalty.

It has been a long time since Microsoft's runtime caught a memory stomp on a heap allocation.

By omeg on 2013-10-26 06:52:11
I currently work on a project that involves low-level multipoint asynchronous IPC so I still mostly use good ol' C. RTL_NUMBER_OF is Microsoft's built-in version of ARRAY_SIZE. I also tend to use StrCC... functions if I need to do manual manipulation on raw buffers. And AppVerifier is pretty good at catching runtime bugs. :)
By Robert Basler on 2013-10-26 10:55:23
Homepage: email:one at onemanmmo dot com
I haven't tried AppVerifier but it did give me a chuckle seeing that the download page describes it as dated, yet the latest version is from 2008.
