I am making a data structure library in C, and I have decided to make the data structures opaque, so I have a header lew_arr.h
struct lew_arr;
and the source file lew_arr.c with the definition
#include <stddef.h> /* size_t */

struct lew_arr {
    void *buff;
    size_t len; //number of elements in the array
    size_t cap; //capacity of the array
    size_t sz;  //number of bytes for each element
};
Also here is the definition for a function that allocates memory for a new lew_arr struct, initializes it, and returns it through the out argument
lew_err lew_arr_init(size_t const cap, size_t const sz, struct lew_arr **out_arr);
Because the structure is not defined in the header, the user cannot access the members; however, they could change the data through pointers like this:
#include "lew_arr.h"

int main(void)
{
    struct lew_arr *a;
    lew_arr_init(10, sizeof(int), &a);
    char *ptr = (void *) a; //treat the opaque object as raw bytes
    *ptr = 1;
    *ptr = 2;
    //etc.
    return 0;
}
I know this would be playing with fire, as the user would not know what they are changing, but is there a way to prevent the user from doing this, or is this just one of those things in C where you have to trust that the programmer knows what they are doing?
CodePudding user response:
One of the principles of the C programming language is "Trust the programmer". While this goal is "outdated in respect to the security and safety programming communities", it is still the spirit of the C programming language.
is there a way to prevent the user from doing this,
No.
or is this just one of those things in C where you have to trust that the programmer knows what they are doing?
Where you have to "let" them do it.
I would expect that you don't really have to "trust" them, because other programmers will work on their computers, not yours, so your computer should be safe.
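The following is an added, self-contained example that is not part of the question or the answer: an opaque-array sketch modelled on the question's lew_arr, with accessor functions, showing that a caller who casts the opaque pointer to char* can still overwrite the hidden fields. Everything not in the question (lew_arr_len, lew_arr_cap, lew_arr_free, tamper_with_len, demo_tamper, the lew_err enum and the field layout the caller assumes) is an assumption; the struct and the header declaration are merged into one file so it compiles stand-alone.

```c
/* Added example, not the asker's or answerer's code. In a real build the
 * struct body lives in lew_arr.c and only "struct lew_arr;" is in lew_arr.h;
 * here both are in one file so it compiles on its own. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

typedef enum { LEW_OK = 0, LEW_ERR_ALLOC = 1 } lew_err; /* assumed error type */

struct lew_arr {
    void *buff;
    size_t len; /* number of elements in the array */
    size_t cap; /* capacity of the array */
    size_t sz;  /* number of bytes for each element */
};

lew_err lew_arr_init(size_t const cap, size_t const sz, struct lew_arr **out_arr)
{
    struct lew_arr *a = malloc(sizeof *a);
    if (a == NULL) return LEW_ERR_ALLOC;
    a->buff = calloc(cap, sz);
    if (a->buff == NULL) { free(a); return LEW_ERR_ALLOC; }
    a->len = 0; a->cap = cap; a->sz = sz;
    *out_arr = a;
    return LEW_OK;
}

/* Accessors: the only sanctioned way for callers to read the hidden fields. */
size_t lew_arr_len(struct lew_arr const *a) { return a->len; }
size_t lew_arr_cap(struct lew_arr const *a) { return a->cap; }
void lew_arr_free(struct lew_arr *a) { if (a) { free(a->buff); free(a); } }

/* What the question describes: the caller treats the opaque object as raw
 * bytes and writes into the field that sits right after buff. The offset is
 * an assumption (no padding between buff and len, true on common ABIs). */
size_t tamper_with_len(struct lew_arr *a, size_t forged_len)
{
    char *raw = (void *) a;                                   /* bypasses the opaque type */
    memcpy(raw + sizeof(void *), &forged_len, sizeof forged_len);
    return lew_arr_len(a);                                    /* library now believes forged_len */
}

/* Runs the whole scenario and returns the length the library reports afterwards. */
size_t demo_tamper(size_t forged_len)
{
    struct lew_arr *a = NULL;
    if (lew_arr_init(10, sizeof(int), &a) != LEW_OK) return (size_t) -1;
    size_t seen = tamper_with_len(a, forged_len);
    lew_arr_free(a);
    return seen;
}
```

The accessors cannot tell a forged value from a real one: the only thing hiding the fields is the missing declaration, not any runtime check.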