Getw function in c


is defined in the that is included in C via, or in C ++ via.

gets () was removed from the C standard with C11. Details can be found at the end of this page.


reads a string through user input. However, since it is feared for its buffer overflow weaknesses, it should never be used. Instead, the function should be used. This article describes the application for the sake of completeness, but is primarily intended to show why this function is so dangerous.


#include char * gets (char * str);

st: An array to which the string should be written.
"Return value": in the event of an error, otherwise the transferred parameter.

Sources of error

The function is almost a symbol of buffer overflows. It is the best known and most feared of all the functions at risk from buffer overflows because, like theirs, it does not check the length of the input.

In the following example you can enter a maximum of 15 characters. But what happens internally if you enter more than 15 characters? The following values ​​are then overwritten in a different memory area because there is only one array reserved for 16 characters (including binary zero characters).

Unfortunately, it still often happens that some (mostly outdated) textbooks describe an input function that can be used normally without any warning. Even today, it is not uncommon for this feature to be implemented in applications.

Controversial programming styles, such as, can still be useful in a few cases. That cannot be said of the use of. There is no useful use for it. so should be without exception No way to be used.

A safe alternative to is the function.

It would also be worth considering if the intended program sequence allows the input to be managed using command line parameters before the program starts.


#include #include int main () {char third [16] = "Third"; char str [16]; char second [16] = "Second"; printf ("Enter String : "); gets (str); printf ("Input:% x -% .10s \ n", (unsignedint) str, str); printf ("Second:% x -% .10s \ n", (unsignedint) second, second); printf ("Third :% x -% .10s \ n ", (unsignedint) third, third); returnEXIT_SUCCESS;}

The binary null character '\ 0' is added automatically. This automatically means that the character string to be read may only be 9 characters in size. Otherwise there might be the error message 'Segmentation fault' (Unix).

When compiling, the GCC compiler already generates a warning:

xin @ trinity: ~ / / clib / stdio $ gcc gets.c /tmp/ccWHKm2Q.o: In function `main ': gets.c :(. text + 0x4e): warning: the` gets' function is dangerous and should not be used.


Enter String: First Enter: 184ef7e0 - First Second: 184ef7d0 - Second Third: 184ef7f0 - Third

Buffer overflow

We saw in the previous example that the strings are 0x10 (i.e. 16) bytes apart. So we first enter 16 bytes to fill the valid buffer and then we overfill the buffer with our input:

Enter String: 0123456789012345 First Enter: 2a451580 - 0123456789 Second: 2a451570 - Second Third: 2a451590 - First

The variable is in the memory, i.e. the input. It is therefore overwritten and given the new value "First", although it should never have been overwritten.

A more detailed explanation of buffer overflows and how to avoid them can be found in the Memory Corruption Tutorial.

Removal from the standard (C11)

In version C11, C was finally removed completely due to the problems mentioned above. Instead, a more secure variant with the name was introduced, which is given the maximum number of characters to be read (including '\ 0') as an additional parameter:

char * gets_s (char * str, rsize_t n);

thus corresponds to the application of fgets () on:

fgets (str, n, stdin);

see also