Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

gets() function Not Safe?

Status
Not open for further replies.
bronyrstomp

bronyrstomp

Technical User
Aug 12, 2001
11
0
0
CA
Why do I get this in my program while it is running. Is it a runtime error?
I am just teaching myself C and C++. I have a lot of questions.
The vastest things are those we may not learn.
We are not taught to die, nor to be born,
Nor how to burn
With love.
How pitiful is our enforced return
To those small things we are the masters of.
                          - Mervyn Peake
 
Sort by date Sort by votes
Strange!!! However yes it is unsafe to use gets() since it may cause memory leak, as we do not have any control on user as to how many bytes of data he can write in when we request an input from him using gets, so we should be better off using fgets() restricting useer to a max. of array size. But I have never seen any runtime or compiletime error or even warning like this, Can you please paste the code and your compiler type.

Thanx 'n' Regards,
SwapSawe.s-)
 
Upvote 0 Downvote
The compiler is g++ that comes with FreeBSD.
Code: 
#include <stdio.h>
#include <curses.h>

char Pause(void)
{
    char c;
    printf(&quot;\nPress enter to continue...&quot;)
    while ((c = getchar()) != '\n') {}
    return;
}

int main ()
{
    char name [80];
    clrscr();
    puts(&quot;What is your name? &quot;;
    gets(name);
    puts(&quot;&quot;);
    puts(&quot;Your name is:&quot;);
    puts(name);

    Pause();
    return 0;
}
[\code] 
The vastest things are those we may not learn.
We are not taught to die, nor to be born,
Nor how to burn
With love.
How pitiful is our enforced return
To those small things we are the masters of.
                          - Mervyn Peake
 
Upvote 0 Downvote
I think clrscr is conio.h function and curses.h
doesn't have it.

So it is not run-time error, maybe your linker
was failed.

But this program has potential error caused
by using gets, as SwapSawe explained.
Hee S. Chung
heesc@netian.com
 
Upvote 0 Downvote
The GNU compiler/linker warns about several potentially dangerous routines such as gets and tmpnam. These routines create buffer overrun vulnerability (as described previously) and should be avoided. Such errors can be used to compromise system security.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AbidingDude
  • Locked
  • Question
strcpy and strncpy safety stuff
Replies
10
Views
135
AbidingDude
AbidingDude
silviatodorof
  • Locked
  • Question
scanf, gets and fflush 2
Replies
5
Views
71
ArkM
ArkM
manichandra
  • Locked
  • Question
string copy function 4
Replies
6
Views
59
ArkM
ArkM
amilor
  • Locked
  • Question
void function for scanf()
Replies
1
Views
73
mikrom
mikrom
tianshiz
  • Locked
  • Question
bypassing instrument function to instrument interaction in labwindow
Replies
0
Views
40
tianshiz
tianshiz

Part and Inventory Search

Sponsor

Back
Top