Pen test questions with the highest frequency

xiaoxiao2021-03-05  28

I met this topic today.

Keywords: C , strcpy, string, copy, copy, copy, written test, test

Title: The prototype of the strcpy function is: char * strdest, const char * strsrc); 1. Do not call the library function to implement the strcpy function. 2. Explain why you want to return char *.

Explanation:

1.STRCPY implementation code

Char * STRDEST, Const Char * strsrc)

{

IF ((strDest == null) || (strsrc == null) // [1]

Throw "invalid argument (s)"; // [2]

Char * strDestCopy = strDest; // [3]

While (* StrDest = * strsrc )! = '/ 0'); // [4]

Return strDestCopy;

}

Wrong approach:

[1]

(A) Do not check the effectiveness of the pointer, indicating that the answers do not pay attention to the robustness of the code.

(B) Use ((! "|| (!") Or (! (! (! (! (! (StrDest && strsrc)), indicating that the implicit conversion of the Type of the C language does not understand. In this example, CHAR * is converted to BOOL is the type implicit conversion, which is flexible, but more is the increase in error probability and increased maintenance costs. Therefore, C has specifically add three keywords that BOOL, TRUE, and FALSE to provide a safer conditional expression.

(C) Check the effectiveness of the pointer ((strDest == 0) || (strDest == 0)), indicating that the answers do not know the benefits of using constants. Use literal constants (such as 0 in this example) to reduce the maintenanceability of the program. 0 Although it is simple, but there may be many inspections of the pointer in the program. In case of incorrect mistakes, the compiler cannot find that the generated program contains logical errors, it is difficult to exclude. Use null instead of 0, if the spelling error occurs, the compiler will check it out.

[2]

(A) Return New String ("Invalid Argument (s)");, the inscription answers do not know the use of return values ​​at all, and he does not have a vigilance for memory leaks. The memory that returns from the function in the function is very dangerous. He throws the obligation to release the memory to the uninformed calorie. In most cases, the caller does not release memory, which causes memory leakage.

(B) Return 0;, the answer sheet does not have the abnormal mechanism. The caller may forget to check the return value, and the caller may not check the return value (see chain expression later). It is a double function that returns the return value to the correct value and an abnormality value, and the result is often a function of failing. The return value should be replaced by throwing exceptions, which can reduce the burden of the caller, so that the error will not be ignored, and the programs are maintenanceability.

[3]

(A) Forget to save the original strDest value, indicating that the questioner logic thinks is not strict.

[4]

(A) Looping to WHILE (* STRDEST = * strsrc ); and [1] (b).

(B) Recycling to WHILE (* strsrc! = '/ 0') * strDest = * strsrc ; indicating that the answers are impossible to check the boundary conditions. After the end of the cyclic body, the end of the STRDEST string did not correctly add '/ 0'.

2. Returns the original value of StRDEST to enable functions to support chain expressions, add "added value" of the function. The same functionality, if it can reasonably improve the availability, it is natural to be more ideal. The form of chain expression is as: int ILngth = Strlen (STRCPY (STRA, STRB));

As another example:

Char * stra sca = structure (new char [10], strb);

Returns the original value of the strsrc is wrong. First, the source string is definitely known, returning it is meaningless. Second, it is not possible to support the expression of a second example. Third, in order to protect the source string, the shape is used to qualify the content referred to by strsrc, and the const char * is returned as char *, the type does not match, and the compile error.

转载请注明原文地址:https://www.9cbs.com/read-33679.html

New Post(0)