Getw function in c
is defined in the that is included in C via, or in C ++ via.
gets () was removed from the C standard with C11. Details can be found at the end of this page.
reads a string through user input. However, since it is feared for its buffer overflow weaknesses, it should never be used. Instead, the function should be used. This article describes the application for the sake of completeness, but is primarily intended to show why this function is so dangerous.
st: An array to which the string should be written.
"Return value": in the event of an error, otherwise the transferred parameter.
Sources of error
The function is almost a symbol of buffer overflows. It is the best known and most feared of all the functions at risk from buffer overflows because, like theirs, it does not check the length of the input.
In the following example you can enter a maximum of 15 characters. But what happens internally if you enter more than 15 characters? The following values are then overwritten in a different memory area because there is only one array reserved for 16 characters (including binary zero characters).
Unfortunately, it still often happens that some (mostly outdated) textbooks describe an input function that can be used normally without any warning. Even today, it is not uncommon for this feature to be implemented in applications.
Controversial programming styles, such as, can still be useful in a few cases. That cannot be said of the use of. There is no useful use for it. so should be without exception No way to be used.
A safe alternative to is the function.
It would also be worth considering if the intended program sequence allows the input to be managed using command line parameters before the program starts.
The binary null character '\ 0' is added automatically. This automatically means that the character string to be read may only be 9 characters in size. Otherwise there might be the error message 'Segmentation fault' (Unix).
When compiling, the GCC compiler already generates a warning:xin @ trinity: ~ / proggen.org / clib / stdio $ gcc gets.c /tmp/ccWHKm2Q.o: In function `main ': gets.c :(. text + 0x4e): warning: the` gets' function is dangerous and should not be used.
output:Enter String: First Enter: 184ef7e0 - First Second: 184ef7d0 - Second Third: 184ef7f0 - Third
We saw in the previous example that the strings are 0x10 (i.e. 16) bytes apart. So we first enter 16 bytes to fill the valid buffer and then we overfill the buffer with our input:Enter String: 0123456789012345 First Enter: 2a451580 - 0123456789 Second: 2a451570 - Second Third: 2a451590 - First
The variable is in the memory, i.e. the input. It is therefore overwritten and given the new value "First", although it should never have been overwritten.
A more detailed explanation of buffer overflows and how to avoid them can be found in the Memory Corruption Tutorial.
Removal from the standard (C11)
In version C11, C was finally removed completely due to the problems mentioned above. Instead, a more secure variant with the name was introduced, which is given the maximum number of characters to be read (including '\ 0') as an additional parameter:char * gets_s (char * str, rsize_t n);
thus corresponds to the application of fgets () on:fgets (str, n, stdin);
- What is framework in IT
- What is a credit account application form
- What are hydrated types
- What are the benefits of organic foods
- What is your revolutionary invention idea
- Why are CS students taught electrical engineering
- How many neutrons does rubidium have
- Can AdBlock see your passwords
- Is chlorophyll good for diabetes
- When is the pre-frontal cortex development complete
- Can the use of honey save my business money
- What are majestic orchestral music
- Most of the time, robots look like humans
- Do you really LIKE MCDONALDS now
- Which food tastes better when cooked in the microwave?
- What does nail polish do
- What does an ML code look like
- Buddhist monks are addicted to meditation
- Should Pakistan be kicked out of SAARC
- Phimosis can cause urinary tract infection
- Which car is suitable for men
- Too much makeup can make you sick
- What video games are unsuitable for children?
- Is Flanders field in France or Belgium
- Spouses change after a baby is born
- How do skill labs facilitate procedural skills
- Why do military divisions have ordinal numbers
- How Oracle identifies a null value
- How can bloggers improve their blogs
- What does Carnival mean in French
- How is God's omnipresence not pantheism
- How was Ticketmaster founded?
- What is credit
- What was your most feared birthday