How about adding NEW Special Tokens?? For ease and Security

Matthew Ong ongbp at yahoo.com
Wed May 25 01:29:20 PDT 2011 

Hi all,

These 2 tokens are very useful for debugging and also trouble shooting 
during exceptions time and even implementing logging api similar to log4j:
I do understand that this are compile time information and they are static.

__FILE__  // prints something like D:\User\Project\...\MyMod.d
              I do not like this full path format because it might give 
hacker some idea when of server directory layout structure for webbase 
cgi /  layout, accidentally by junior developer because of mis handled 
exceptions.
__LINE__  // some line number.

How about keeping those 2 and also adding some new compile time 
information's tokens:
1) __FILENAME__   // prints only MyMod.d
2) __MODULE__     // prints the full module name. eg: std.c.windows
3) __FUNCNAME__   // prints the function name.
4) __BLOCKNAME__  // perhaps another name, but prints 
class/struct/interface/template... name. If is global, print global.
5) __DEBUGLINE__  // prints __MODULE__ ~ __BLOCKNAME__ ~ __FUNCNAME__ ~ 
__LINE__

The reasons for those are:
1) to make the life of coder simple instead of having to every time call 
a template function/function to trim those information.
2) Some time the code does gets move around within a large project due 
to re-factoring and remodeling. Having only the file name & line number 
might loose the

I am rather sure that the compiler will have some Abstract Syntax Tree 
in memory to map value for such tokens.

It would be even more cool if there is some immutable runtime special 
tokens:
1) __LOGIN__  // Current user login id, eg: johnchia
2) __UID__    // User login number, eg: 0, 304,1234,...
3) __PID__    // Current program process id
4) __PPID__   // Parent process id
5) __STIME__  // Start time, date time,2011-02-23 14:45, to see if there 
is a long over due program.
6) __CMDLINE__ // prints full path name C:\Program 
Files\Notepad++\notepad.exe
7) __TOTMEM__  // Total amount of memory being used. Read Only, but dynamic.
8) __MAXMEM__  // Max amount of memory allocated for this process.Read 
Only, but dynamic. (perhaps a new setting may be done at the library or 
function somewhere to limit the total amount of memory being allocated 
by code.) I find that such setting are very useful to limit such within 
a multi-threaded and multi-tasking application such as a web server. I 
helps to reduce the amount of paging needed during runtime and stabilise
the system.

These runtime tokens will be very useful for developer to do secure 
coding to check for some runtime Access Control Information or 
preventing denial of service and maybe anti buffer over flowing attacks.

Perhaps the runtime special information are already available. If not, 
that might be in the future version.



-- 
Matthew Ong
email: ongbp at yahoo.com

More information about the Digitalmars-d mailing list