How about adding NEW Special Tokens?? For ease and Security

Wed May 25 06:43:24 PDT 2011

On May 25, 11 16:29, Matthew Ong wrote:
> Hi all,
>
> These 2 tokens are very useful for debugging and also trouble shooting
> during exceptions time and even implementing logging api similar to log4j:
> I do understand that this are compile time information and they are static.
>
> __FILE__ // prints something like D:\User\Project\...\MyMod.d
> I do not like this full path format because it might give hacker some
> idea when of server directory layout structure for webbase cgi / layout,
> accidentally by junior developer because of mis handled exceptions.
> __LINE__ // some line number.
>
> How about keeping those 2 and also adding some new compile time
> information's tokens:
> 1) __FILENAME__ // prints only MyMod.d

std.path.basename(__FILE__);

> 2) __MODULE__ // prints the full module name. eg: std.c.windows

.stringof[7 .. $]

> 3) __FUNCNAME__ // prints the function name.

If we had __function (see 
http://d.puremagic.com/issues/show_bug.cgi?id=5140), then it would be

__traits(identifier, __function)

Also check 
http://www.digitalmars.com/d/archives/digitalmars/D/FUNCTION_implemented_with_mixins_and_mangles_92055.html

> 4) __BLOCKNAME__ // perhaps another name, but prints
> class/struct/interface/template... name. If is global, print global.
> 5) __DEBUGLINE__ // prints __MODULE__ ~ __BLOCKNAME__ ~ __FUNCNAME__ ~
> __LINE__

Just define that function if you need it.

string __DEBUGLINE__() {
     return __MODULE__ ~ ":" ~ ...;
}

>
> The reasons for those are:
> 1) to make the life of coder simple instead of having to every time call
> a template function/function to trim those information.
> 2) Some time the code does gets move around within a large project due
> to re-factoring and remodeling. Having only the file name & line number
> might loose the
>
> I am rather sure that the compiler will have some Abstract Syntax Tree
> in memory to map value for such tokens.
>
> It would be even more cool if there is some immutable runtime special
> tokens:
> 1) __LOGIN__ // Current user login id, eg: johnchia
> 2) __UID__ // User login number, eg: 0, 304,1234,...
> 3) __PID__ // Current program process id
> 4) __PPID__ // Parent process id
> 5) __STIME__ // Start time, date time,2011-02-23 14:45, to see if there
> is a long over due program.
> 6) __CMDLINE__ // prints full path name C:\Program
> Files\Notepad++\notepad.exe
> 7) __TOTMEM__ // Total amount of memory being used. Read Only, but dynamic.
> 8) __MAXMEM__ // Max amount of memory allocated for this process.Read
> Only, but dynamic. (perhaps a new setting may be done at the library or
> function somewhere to limit the total amount of memory being allocated
> by code.) I find that such setting are very useful to limit such within
> a multi-threaded and multi-tasking application such as a web server. I
> helps to reduce the amount of paging needed during runtime and stabilise
> the system.

-8.

Use those functions (getuid(), getpid(), etc.) if you need those values. 
Why make them look like compile-time special tokens?

>
> These runtime tokens will be very useful for developer to do secure
> coding to check for some runtime Access Control Information or
> preventing denial of service and maybe anti buffer over flowing attacks.
>
> Perhaps the runtime special information are already available. If not,
> that might be in the future version.
>
>
>