Andre's Blog
Perfection is when there is nothing left to take away
std::wstringstream vs. swprintf

A few days ago a developer asked me if we intend to replace all archaic printf-style calls within the project with modern, object-oriented string stream equivalents. I heard this sentiment many times over the years, often substantiated by the fact that buffered stream operations are faster than frequent parsing of the format string. Let's test this theory and format a simple string in a loop using both methods.

Moving blogs to ASP.Net

This site was originally written in ASP JavaScript, which worked great, but lacked a couple of things, like being able to upload files without having to parse multipart HTTP requests. So, I decided to move the site to ASP.Net to take advantage of the new functionality offered by the .Net framework, while keeping the implementation written in JavaScript.

Break, break, dammit!

A couple of days ago a developer asked me why their Visual Studio 2005 debugger no longer breaks when a C++ exception is thrown, even though C++ exceptions were not suppressed in the exception configuration and the debugger was attached to an IIS worker process to debug native code.

Thinking that something might be wrong with how C++ exceptions were handled, I stuck a statement dereferencing a NULL pointer into the code:

*(char*) 0 = 0;
Microsoft: More steam, more noise - let the world think we are moving!

Microsoft declared standard memory manipulation functions, such as memcpy, not secure and deprecated. The motivation behind this is that modern developers are not smart or careful enough to ensure that the destination buffer has sufficient room, which results in buffer overruns:

http://blogs.msdn.com/sdl/archive/2008/10/22/good-hygiene-and-banned-apis.aspx

STL matchmaking gone bad

Some STL containers, such as std::map, are designed to use std::pair to maintain keys and values. A special convenience function, std::make_pair, is often used to create pairs without having to specify template argument types. Typical code that makes use of an STL map looks like this:

std::map<std::string, std::string> m;		// map<key,value>
m.insert(std::make_pair("1", "one"));
m.insert(std::make_pair("2", "two"));
printf("%s", m.find("1")->second.c_str());	// prints "one"
BBCode parser

While most content management systems, such as blogs, allow users edit HTML directly, more specialized ones, such as discussion forums, allow users to use alternative syntax that is easier to control and adapt to particular needs. BBCode, which stands for Bulletin Board Code, is one example of such alternative.

JavaScript string accessed C-style

A couple of days ago I came across JavaScript code in which a developer replaced an array object with a string and forgot to change the subscripting operator to a charAt() call, so the code looked like this:

var s = new String("0123456789");
var c = s[4];

Much to my surprise, the code appeared to work just fine when compiled in ASP and it also worked in FireFox, Opera, Chrome and Safari, although failed in Internet Explorer.

Server-side connector for FCK editor

FCK editor comes with a neat file browser that comes in very handy when adding images or links to other files located on the server. The editor ships with source files in all poplar scripting languages making it possible to use the feature with a minimal effort. However, ASP code was written in VBScript and didn't integrate well into my security model, so I decided to write my own one weekend.

Waiving a type-safe flag

Sometimes C++ enum's are used to define bit flags, such as read/write attributes, which can provide better type checking at compile time. However, when performing bitwise operations on enum values, one has to cast resulting int's back to enum's, which bypasses strict type checking and makes enum definitions somewhat pointless.

Data object serialization

The concept of serializing data objects located in memory, so they can be stored or transmitted over a network link, has been around for a long, long time. Seems that almost everyone took their shot at it over the last 20-30 years - RPC, Borland's streamable interfaces, MFC's archives, Java's remote method invocation (RMI),  ASN.1, distributed COM, SOAP, XML RPC, just to name a few well-known ones and not to mention myriads of proprietary designs.