bug-gnulib

Re: [PATCH] inttostr.h: add compile-time buffer overrun checks


From: Jim Meyering
Subject: Re: [PATCH] inttostr.h: add compile-time buffer overrun checks
Date: Tue, 19 Oct 2010 08:41:41 +0200

Paul Eggert wrote:

> On 10/18/2010 03:25 PM, Bruno Haible wrote:
>> variable-length arrays are valid C and C++ syntax.
>
> Yes, but VLAs are not valid in all contexts.  For example,
> one cannot declare a static variable or a structure member
> that is a variable-length array.  Whether it makes sense to
> support VLAs (with respect to a feature) depends on the feature.
>
> For inttostr, as it happens, there's no need to support VLAs
> as buffer arguments, because the buffer sizes are always known at
> compile time and are quite short.  That is why, in practice,
> no caller of inttostr uses VLAs.  If it were easy to support
> VLAs anyway that'd be fine: but the support is hard to follow
> and entails extra machine code, which argues for omitting it.

I have to agree.
The whole point of inttostr functions is to provide
a minimal and robust mechanism for converting integral
values to strings.  Using a VLA, while not as bad as using
asprintf, does defeat much of the purpose.

In that respect, you can view rejection of VLA-using code
as a feature: it tells the developer (in a backhanded manner ;-)
that they should not be using a VLA with inttostr functions.
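
The behaviour discussed in this thread, as an added example that is not part of the original message, the patch, or gnulib's code: a C11 `_Static_assert` wrapper that accepts a fixed-size buffer and rejects both a too-small array and a VLA at compile time. The names `TYPE_SIGNED`, `BUFSIZE_BOUND`, `int_to_str` and `INT_TO_STR_CHECKED` are hypothetical.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* All names below are hypothetical, chosen for this example. */
#define TYPE_SIGNED(t) ((t) -1 < 0)
/* Bytes for any value of integer type t in decimal: digits (146/485 is
   just above log10 2), plus one for rounding, a sign, and the NUL. */
#define BUFSIZE_BOUND(t) \
  ((sizeof (t) * CHAR_BIT - TYPE_SIGNED (t)) * 146 / 485 + TYPE_SIGNED (t) + 2)

/* Unchecked worker: fills BUF from the end, returns the start of the text,
   which need not be BUF itself.  BUF must hold BUFSIZE_BOUND (int) bytes. */
static char *
int_to_str (int i, char *buf)
{
  char *p = buf + BUFSIZE_BOUND (int) - 1;
  *p = '\0';
  if (i < 0)
    {
      do *--p = '0' - i % 10; while ((i /= 10) != 0);
      *--p = '-';
    }
  else
    do *--p = '0' + i % 10; while ((i /= 10) != 0);
  return p;
}

/* Checked front end.  _Static_assert needs an integer constant expression,
   so sizeof (buf) must be known at compile time: a true array passes if it
   is big enough; a short array fails; a VLA fails because its sizeof is
   evaluated at run time. */
#define INT_TO_STR_CHECKED(i, buf) \
  ((void) sizeof (struct { \
     _Static_assert (sizeof (buf) >= BUFSIZE_BOUND (int), \
                     "buffer too small or size not a compile-time constant"); \
     int unused_; }), \
   int_to_str ((i), (buf)))

int
main (void)
{
  char ok[BUFSIZE_BOUND (int)];
  printf ("%s\n", INT_TO_STR_CHECKED (INT_MIN, ok));
  /* Each of these is rejected by the compiler if uncommented:
       char small[4];  INT_TO_STR_CHECKED (1, small);
       size_t n = 64;  char vla[n];  INT_TO_STR_CHECKED (1, vla);  */
  return 0;
}
```

A `char *` argument is caught here only when `sizeof (char *)` is smaller than the bound, so the check is a guard for array callers, not a general pointer-size check.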


