What's so bad about scanf anyway???

Allan Duncan aduncan at rhea.trl.oz
Thu Nov 15 08:28:00 AEST 1990


>From article <VXogs2w163w at cybrspc>, by roy%cybrspc at cs.umn.edu (Roy M. Silvernail):
> The problem with scanf() is that it can behave unpredictably when you
> give it badly formatted input. It's better, IMHO, to gets() a whole
> line, check its validity and _then_ sscanf() it into the target
> variables. (no need for strtol() or similar, since sscanf() looks at the
> validated string just as scanf() would have looked at the original
> input) It just makes things more bullet-resistant.
                                   ^^^^^^^^^^^^^^^^
I hope you are really using fgets( stdin,...) rather than gets(...) -
there are a lot of _system_ things out there that can be broken by just
keeping on typing till the buffer is overflowed!

Allan Duncan	ACSnet	a.duncan at trl.oz
(03) 541 6708	ARPA	a.duncan%trl.oz.au at uunet.uu.net
		UUCP	{uunet,hplabs,ukc}!munnari!trl.oz!a.duncan
Telecom Research Labs, PO Box 249, Clayton, Victoria, 3168, Australia.



More information about the Comp.lang.c mailing list