gets(3) nonsense
Achut Reddy
achut at unisoft.UUCP
Tue Nov 15 09:03:36 AEST 1988
In article <1643 at solo11.cs.vu.nl> maart at cs.vu.nl (Maarten Litmaath) writes:
>And now the real point: let's stop complaining about the gets(3) semantics of
>not checking buffer boundaries; this is precisely what was intended.
>Does anyone suggest doing away with strcpy() too?
>Or /bin/rm, being destructive?
No, there is a fundamental difference between gets(3) and all the other
functions that don't check buffer boundaries. That difference is that
the other functions *can* be used safely if the programmer exercises
some care. He has complete control over the arguments he passes to these
functions, and can ensure that his buffers don't overflow. When gets(3)
is used, however, to get input from any source which the user has
control over (e.g., stdin), then a correct program *cannot* be written.
(The user can always enter an input line longer than the buffer length)
gets(3) should not be used, and hopefully it can be phased out.
Achut Reddy
More information about the Comp.lang.c
mailing list