retiring gets(3)

Doug Gwyn gwyn at smoke.BRL.MIL
Mon Nov 14 17:21:50 AEST 1988 

In article <1988Nov11.232629.15414 at utstat.uucp> geoff at utstat.uucp (Geoff Collyer) writes:
>> From: gwyn at smoke.BRL.MIL (Doug Gwyn )
>> gets() is deliberately required for ANSI C standard conformance because
>> a LOT of existing code relies on it.

>That's the whole point, Doug.  People *should* fix their existing code;
>it's unsafe.

Bullshit.  When I use gets() I use it safely.

>> Any vendor who omits this function
>> will not be standard conforming and will not sell its compiler to those
>> (expected to be MANY customers) who specify standard conformance.

>Once the standards are changed, their code *will* be standard-conforming.

The standard is not going to change.  This proposal has been debated and
rejected by X3J11 on more than one occasion.  (See my first sentence
quoted above.)

>> Even if your philosophy is right, you should get others to go along with
>> it BEFORE trying to force them to conform to it.

>That's what I'm trying to do now: get people to agree, and then act on
>that agreement.

It has already been tried, and failed.

>> By the way, have you removed scanf() from your C library as well?  Or
>> sprintf()?  Or strcpy()?  They can be misused in the same way as gets().

>No, I have not; all of these functions *can* be used safely, though it
>does take a little extra care.  The point is that gets() *can* *not* be
>used safely; a dedicated opponent can *always* defeat a program that
>reads with gets().

I already said "bullshit" to this so I need not repeat it here.

gets() has legitimate uses.  It is in the library Base Document.
It is widely used in existing code (sometimes safely, sometimes not).
It stays.

You seem to want to protect the programmer who is too stupid to
protect himself.  This is a dangerous thing to attempt where C is
concerned.  My god, pointers can really be abused -- maybe we
better get rid of them too.

The right thing to do, as I said before, is to eductae craftsmen
in the proper use of their tools so they don't hurt themselves or
their customers.

More information about the Comp.lang.c mailing list