LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices



Reply
 
Search this Thread
Old 11-19-2002, 08:38 AM   #1
JStew
Member
 
Registered: Oct 2002
Location: North Atlanta
Distribution: LFS
Posts: 229

Rep: Reputation: 30
Preventing buffer overflow with gets()


Here is what I have going:

#include<stdio.h>
#include<stdlib.h>

int main()
{
char phrase[40];

printf("Please enter a phrase: ");
//scanf("%s", &phrase);

gets(phrase);

printf("\nThe phrase is: %s\n", phrase);



if (phrase[0] == 'h' && phrase[1] == 'e' && phrase[2] == 'l' && phrase[3] == 'l' &&
phrase[4] == 'o')


printf("The phrase is hello.\n");
else
printf("The phrase is not hello.\n");


return 0;
}

is there a way that I can add in some sort of error control with gets() in that if the user enters more characters than this array (phrase) allows that I can have them stop and enter the characters again? in other ways... is there a way to make gets() more intelligent?
 
Old 11-19-2002, 12:03 PM   #2
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: ubuntu
Posts: 2,530

Rep: Reputation: 108Reputation: 108
Have you read the man page of "gets()" ?

"man gets" on my (Debian) system says:

Quote:
BUGS:
Never use gets(). Because it is impossible to tell with_
out knowing the data in advance how many characters gets()
will read, and because gets() will continue to store char_
acters past the end of the buffer, it is extremely danger_
ous to use. It has been used to break computer security.
Use fgets() instead.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
buffer overflow problem djgerbavore Programming 1 05-17-2005 04:59 AM
What is a buffer overflow Joey.Dale Linux - Security 4 07-12-2004 06:12 PM
Buffer Overflow pymehta Linux - Security 7 02-24-2004 02:19 PM
buffer overflow cxel91a Programming 3 08-14-2003 06:23 PM
Q. What is a buffer overflow? auslew Linux - Security 2 11-08-2002 06:36 AM


All times are GMT -5. The time now is 09:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration