On 06/24/2018 03:28 PM, Bruno Haible wrote:
- /* Avoid calling both strcpy and strlen. */ - for (int i = 0; (salg.salg_name[i] = alg[i]); i++) + /* Copy alg into salg.salg_name, without calling strcpy nor strlen. */ + for (size_t i = 0; (salg.salg_name[i] = alg[i]) != '\0'; i++)
I prefer to use signed integer types when possible, as it allows better runtime checking (for integer overflow). This is a style encouraged within Emacs and I'd like to encourage it elsewhere too.
If you don't like int due to concerns about too-large sizes (of course theoretical in this case, but here we are...), then how about ptrdiff_t instead? ptrdiff_t should be always safe, since programs should never create objects larger than PTRDIFF_MAX anyway (as they'd get undefined behavior with pointer subtraction otherwise).
A nit: that "nor" should be "or".
