Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!goanna.cs.rmit.edu.au!news.apana.org.au!cantor.edge.net.au!news.teragen.com.au!news.access.net.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!news.nacamar.de!Frankfurt.Germany.EU.net!Stuttgart.Germany.EU.net!main.Germany.EU.net!Dortmund.Germany.EU.net!Saruman.CWA.de!news From: Stephan Wilms <Stephan.Wilms@CWA.de> Newsgroups: comp.lang.c,comp.unix.bsd.freebsd.misc Subject: Re: What does gets() unsafe question mean? Date: Fri, 07 Mar 1997 15:04:21 +0100 Organization: CWA GmbH Lines: 26 Message-ID: <33202065.384E@CWA.de> References: <01bc2a8f$67037120$db083ccc@default> NNTP-Posting-Host: morgoth.cwa.de Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 2.01 (Win95; I) CC: stephan.wilms@cwa.de Xref: euryale.cc.adfa.oz.au comp.lang.c:195765 comp.unix.bsd.freebsd.misc:36757 Jeffrey M. Metcalf wrote: > > Hello, > > I recently wrote a little C program which uses the stdio.h function gets(). > I > compiled and ran it under FreeBSD and I get.. > > warning: this program uses gets(), which is unsafe. > > What exactly does this mean? Why is it unsafe? Wow, thats one helpfull compiler. The answer is that 'gets()' will happily write over the end of your string into unknown territory (memory) if the user enters more characters then expected. You should use 'fgets()' instead to read from 'stdin'. The c.l.c FAQ contains lots of helpfull advice on 'get()' and 'fgets()'. Among other it answers the question: 12.23: Why does everyone say not to use gets()? You can get the FAQ at http://www.eskimo.com/~scs/C-faq/top.htm or at at rtfm.mit.edu or and it gets posted to this newsgroup regularly. Stephan