Return to BSD News archive
Xref: sserve comp.os.386bsd.questions:11771 comp.os.386bsd.development:2332 comp.os.386bsd.misc:2800 Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msuinfo!agate!priam.CS.Berkeley.EDU!edward From: edward@priam.CS.Berkeley.EDU (Edward Wang) Newsgroups: comp.os.386bsd.questions,comp.os.386bsd.development,comp.os.386bsd.misc Subject: Re: Why does FreeBSD 1.1.5 say gets() is unsafe? Date: 25 Jul 1994 20:41:35 GMT Organization: University of California, Berkeley Lines: 11 Message-ID: <31181v$ibk@agate.berkeley.edu> References: <30lrf3$2ii@acmez.gatech.edu> <30mcrm$67t@darkstar.UCSC.EDU> <ASAMI.94Jul21184711@forgery.cs.berkeley.edu> NNTP-Posting-Host: priam.cs.berkeley.edu Cc: In article <ASAMI.94Jul21184711@forgery.cs.berkeley.edu>, Satoshi ASAMI <asami@cs.berkeley.edu> wrote: >Yes, this was one of the "holes" that the Internet Worm exploited. >gets() really has no business being in the standard library, except it >is too "standard" (is it in POSIX?) that we can't take it out. It's a bit drastic, no? Fingerd.c was just badly written. Though gets() is a bit of an odd-function-out in its semantics, and I would't really recommend using it.