gets limits?
tim at scsmo1.UUCP
tim at scsmo1.UUCP
Mon Apr 24 13:45:00 AEST 1989
What does ANSI say about gets. It seem to me that there is NO way to
figure out how big to make the buffer for the beast. I have assumed
that gets can be approximated by:
#define gets(x) fgets(s,BUFSIZ,stdin)
Since assumptions tend to cause problems, (like the internet worm :-)
what rules should be followed with gets. Personaly I like the idea of
taking the binary editor and nuking some character in the "gets" string
so it won't be found by the linker.
I often see gets reading in a string that is put in an 80 byte array.
What is the maximum number of characters? is it BUFSIZ? How about
GETSBUFSIZ?
If ANSI does not say anything about this, I think they missed the boat as
this could be the single most unsecure feature of C.
tim hogard
tim at scsmo1.uucp
More information about the Comp.lang.c
mailing list