retiring gets(3): clarification

Geoff Collyer geoff at utstat.uucp
Thu Nov 10 17:07:59 AEST 1988


I wrote:
> The recent exposure of the security bug in the 4BSD fingerd caused by
> use of gets(3) reminded me that gets is a bug waiting to happen and
> should be stamped out.

Apparently a lot of people have still not heard the details of the
recent Internet worm (or "virus" as the media called it).  The 4BSD
fingerd had a bug which permitted its invoker to obtain a root shell.
The bug was that fingerd used gets to read a line of input from its
network connection, and gets is unable to check that the input line
fits within the buffer handed to gets, so a suitably-constructed line of
input to fingerd steps on other variables, confusing fingerd.

The above is merely preamble; the point I want to make is that gets is
inherently unsafe due to its inability to check for overrun of the
buffer provided to it.  There is no reason to use gets, and there are
good reasons to avoid gets.

Let's kill gets now, before it strikes again.
-- 
Geoff Collyer	utzoo!utstat!geoff, geoff at utstat.toronto.edu
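
[Added example, not part of the original post or of any 4BSD source: a bounded line reader that can stand in for gets, since fgets is told the buffer size and gets is not. The names read_line and sample_input, the 8-byte buffer and the input text are assumptions constructed for illustration.]

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not from the post: bounded stand-in for gets(buf).
 * Returns 0 for a complete line, 1 if the line did not fit (buf holds the
 * first size-1 bytes, the rest is discarded), -1 on EOF or error. */
int read_line(FILE *fp, char *buf, size_t size)
{
    size_t len, dropped = 0;
    int c;

    /* Need room for at least one byte of data plus the terminating NUL. */
    if (size < 2 || fgets(buf, (int)size, fp) == NULL)
        return -1;
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';        /* gets() also strips the newline */
        return 0;
    }
    /* No newline stored: either the buffer filled up or input ended.
     * Consume the rest of the line so the next call starts cleanly. */
    while ((c = getc(fp)) != EOF && c != '\n')
        dropped++;
    return dropped > 0 ? 1 : 0;
}

/* Constructed sample input, served from a temporary file so the
 * example runs offline. */
FILE *sample_input(const char *text)
{
    FILE *fp = tmpfile();
    if (fp != NULL) {
        fputs(text, fp);
        rewind(fp);
    }
    return fp;
}

int main(void)
{
    char buf[8];
    int rc;
    FILE *fp = sample_input("short\nAAAAAAAAAAAAAAAAAAAAAAAA\nnext\n");

    if (fp == NULL)
        return 1;
    while ((rc = read_line(fp, buf, sizeof buf)) != -1)
        printf("%-9s \"%s\"\n", rc ? "too long:" : "ok:", buf);
    fclose(fp);
    return 0;
}
```

The overlong second line is reported and cut at the buffer boundary instead of being written past it, and the following line is still read intact.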


