Secure 'C' library - string I/O (Re: retiring gets(3))
Peter da Silva
peter at ficc.uu.net
Fri Nov 11 01:23:01 AEST 1988
What is really needed is a whole secure 'C' library. Consider this gem:
..........
#include <utmp.h>
#define LOGNAMESIZE 8
char buffer[LOGNAMESIZE*2+3];
struct utmp *up;
sprintf(x, "%s %s\n", up->ut_line, up->ut_name);
..........
In general, sprintf should have an argument describing the size of the
output buffer. A better solution still would be to can sprintf and replace
it with something like:
FILE *stropen(buffer, length, mode);
Opens a string as a file. Mode is one of:
"r" Read.
"w" Write.
"a" Append.
"r+" Read/update.
"w+" Write/update.
"a+" Append/update.
Any of the normal I/O functions will operate on this internal file.
A null will be written at the high water mark when the file pointer
is fclosed. fseek operates within the string. In 'append' mode the
string's "end" will be considered to be the first "null". In "Write"
and "Append" mode the string will be null-filled on open.
It's safer and cleaner.
There are other goodies like this, have a look...
--
Peter da Silva `-_-' Ferranti International Controls Corporation
"Have you hugged U your wolf today?" uunet.uu.net!ficc!peter
Disclaimer: My typos are my own damn business. peter at ficc.uu.net
More information about the Comp.lang.c
mailing list