Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91867 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

using the "gets()" function in C


  • Please log in to reply
3 replies to this topic

#1 Kariya

Kariya

    New Member

  • Authentic Member
  • Pip
  • 15 posts
  • Interests:Music, video games, computers, anime

Posted 24 April 2010 - 09:56 PM

For the longest time I've been wanting to learn a new language and eventually got around to buying a book to help me with that(I ended up getting "C for Dummies"). The book is amazing and i've learned quite a bit in a short amount of time, but started to have problems when they introduced the "gets()" function. In the book they say not to use that function since it has security issues, but a lot of the examples that they've been using have contained the gets function and not only that but everytime i've had to write something that i to use gets, the compiler spits out a bunch of errors. I've been improvising by using "scanf" and the programs have been working fine like that but what I want to know is if the compiler that just wont accept gets or am I just screwing up when i'm writting these programs :smack:

    Advertisements

Register to Remove


#2 jpshortstuff

jpshortstuff

    Teacher Emeritus

  • Authentic Member
  • PipPipPipPipPipPip
  • 5,710 posts

Posted 26 April 2010 - 01:47 AM

Hi there,

gets does indeed have a security flaw, in that the size of the receiving buffer you provide it is not checked and you can't specify a limit on the number of characters to read (so it is easy to produce a buffer overflow error).

Rather than using scanf as a workaround, I'd go with fgets, since it is much closer to what you are trying to replace.

As for what the compiler is telling you, well it depends on the compiler you are using. gcc for example will produce a warning about the security issue, but will still compile the program. If the only warnings you are getting mention gets' security issue then you know there is nothing wrong with your program. If the errors are talking about something else, then you need to look at your code.

Hope that helps, let me know if you have any more questions.

Proud Graduate of the TC/WTT Classroom

At weekends (GMT) I may not be able to reply promptly due to various commitments. Please be patient and I will respond as soon as I can.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Need help remembering those important computer maintenance tasks? Let SCars do it for you.

Posted Image

#3 Kariya

Kariya

    New Member

  • Authentic Member
  • Pip
  • 15 posts
  • Interests:Music, video games, computers, anime

Posted 28 April 2010 - 09:55 PM

I rewrote the program and it ended up working (turns out the errors were made by me :smack: )

I tried replacing scanf with fgets but then I get an error saying "too few arguments to function ‘fgets’ "

#4 jpshortstuff

jpshortstuff

    Teacher Emeritus

  • Authentic Member
  • PipPipPipPipPipPip
  • 5,710 posts

Posted 29 April 2010 - 12:56 AM

fgets needs a couple more parameters than gets, since we also need to specify the buffer size, and the file we're reading from (stdin in this case).

So, where you might have had code that looked like this:
char buffer[50];
gets(buffer);
it should now look like this:
char buffer[50];
fgets(buffer, 50, stdin);

More info on fgets here:
http://www.cplusplus...y/cstdio/fgets/

Hope that helps.

Proud Graduate of the TC/WTT Classroom

At weekends (GMT) I may not be able to reply promptly due to various commitments. Please be patient and I will respond as soon as I can.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

Need help remembering those important computer maintenance tasks? Let SCars do it for you.

Posted Image

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users