retiring gets(3)

Peter da Silva peter at ficc.uu.net
Sun Nov 13 14:39:12 AEST 1988


In article <2566 at ihlpm.ATT.COM>, snafu at ihlpm.ATT.COM (00704a-Wallis) writes:
> Actually, I don't understand the argument that
> gets() should be removed because it can overrun
> the buffer. What's to prevent the following (and
> how is it different from gets?):

> 	char	some_string[10];

> 	fgets( some_string, 2147483647, stdin );

This is a program bug... the programmer specified the wrong buffer size.
Unlike the case of gets, you can limit the read to the buffer size. In all
the other routines with the gets problem, a program can be written that will
not allow any buffer overflow:

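	char buffer[10];

	sprintf(buffer, "%.9s", ptr);	/* precision limits the output to 9 chars */
	fscanf(fp, "%9s", buffer);	/* scanf takes a field width, not a precision */
	fgets(buffer, 10, fp);		/* size includes the terminating NUL */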

The problem is that there is no way to limit how much I/O gets will do.
-- 
Peter da Silva  `-_-'  Ferranti International Controls Corporation
"Have you hugged  U  your wolf today?"     uunet.uu.net!ficc!peter
Disclaimer: My typos are my own damn business.   peter at ficc.uu.net
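
The bounded calls from the post above, as an added example that is not part of the original message: each is run against a constructed over-long input with a guard field placed after the 10-byte buffer, and a further helper detects when fgets cut a line short. The names guarded, SAMPLE, sample_stream, bounded_call and read_line are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: a guard field after the 10-byte buffer, so a write
   past buf[9] would show up as a changed guard. */
struct guarded { char buf[10]; char guard[4]; };

/* Constructed input: a 20-character line, then a short one. */
static const char SAMPLE[] = "0123456789ABCDEFGHIJ\nnext\n";

static FILE *sample_stream(void) {
    FILE *fp = tmpfile();
    if (fp) { fputs(SAMPLE, fp); rewind(fp); }
    return fp;
}

/* One bounded call (0 = sprintf, 1 = fscanf, 2 = fgets) on the over-long
   input. Returns the stored length, or -1 on failure or a changed guard. */
int bounded_call(int which) {
    struct guarded g = { "", "GRD" };
    FILE *fp = sample_stream();
    int ok = 1;
    if (!fp) return -1;
    if (which == 0) sprintf(g.buf, "%.9s", SAMPLE);               /* precision caps output */
    else if (which == 1) ok = fscanf(fp, "%9s", g.buf) == 1;      /* width caps input */
    else ok = fgets(g.buf, (int)sizeof g.buf, fp) != NULL;        /* size counts the NUL */
    fclose(fp);
    return (ok && memcmp(g.guard, "GRD", 4) == 0) ? (int)strlen(g.buf) : -1;
}

/* fgets stops at the bound, leaving the rest of a long line unread.
   Returns 1 if the line was cut (remainder discarded), 0 if it fit,
   -1 at end of input. */
int read_line(FILE *fp, char *buf, int size) {
    int c, cut = 0;
    if (fgets(buf, size, fp) == NULL) return -1;
    if (strchr(buf, '\n') != NULL) return 0;
    while ((c = getc(fp)) != EOF && c != '\n') cut = 1;
    return cut;
}

int main(void) {
    printf("sprintf=%d fscanf=%d fgets=%d\n",
           bounded_call(0), bounded_call(1), bounded_call(2));
    return 0;
}
```

gets has no parameter through which a caller could pass the 10, so no equivalent of these calls can be written with it.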


