(1) Don't cast the return value of malloc. This can mask subtle coding errors if you forget to include stdlib.h.
(2) fscanf(stdin, "%s", buf); is classic insecure (prone to buffer overflow exploit) code. What if the user enters more than BUF_SIZE data?
You can use the GNU readline function if you're writing GNU code; otherwise, it's not terribly tough to hack together your own readline lib (I did it a while ago). Basically malloc a buffer of a certain size and then read one character at a time from input. Keep track of how many characters you read. When you're running low on space, realloc the buffer to a larger size. You may want to set some global maximum buffer size to prevent out-of-control usage. Also don't forget the terminator at the end of the string!
Hm... I was under the impression that fscanf was secure... so the only way to read a char string securely is to implement your own "readline" (or use the FSF readline...)?
Since we are... "in topic"... is there any "list" with insecure functions/common security mistakes in C programming? (The more technically detailed the better.)
You can make scanf and friends more secure by not allowing arbitrary length strings as input. For instance scanf("%10s", buffer) will only read in 10 characters at most. You do need to pick the number at compile time though. You can also use fgets, which allows you to specify a maximum size. But you can't expand that size if you get more data than you expect, so you wind up implementing a readline-like library if you care about getting everything.
I'm not sure about a list like you describe, but there's lots of good info in the comp.lang.c FAQ.
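The growable line reader described in the replies above (malloc a buffer, read one character at a time, realloc when space runs low, enforce a maximum, write the terminator), as an added example that is not code from any poster in this thread. The function name read_line_capped, the initial size of 16 and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Read one line from fp into a malloc'd, NUL-terminated string (newline
 * stripped). Returns NULL at EOF with nothing read, on allocation failure,
 * or when the line is longer than max_len; an oversized line is drained so
 * the next call starts on a line boundary. The caller frees the result. */
char *read_line_capped(FILE *fp, size_t max_len)
{
    size_t cap = 16, len = 0;               /* assumed initial size */
    char *buf = malloc(cap), *tmp;
    int c;
    if (buf == NULL)
        return NULL;
    while ((c = fgetc(fp)) != EOF && c != '\n') {
        if (len == max_len) {               /* maximum size reached */
            while ((c = fgetc(fp)) != EOF && c != '\n')
                ;                           /* discard the rest of the line */
            free(buf);
            return NULL;
        }
        if (len + 1 == cap) {               /* keep one byte for the terminator */
            if ((tmp = realloc(buf, cap * 2)) == NULL) {
                free(buf);                  /* realloc failure leaves buf valid */
                return NULL;
            }
            buf = tmp;
            cap *= 2;
        }
        buf[len++] = (char)c;
    }
    if (c == EOF && len == 0) {             /* end of input, nothing read */
        free(buf);
        return NULL;
    }
    buf[len] = '\0';                        /* the terminator */
    return buf;
}

int main(void)
{
    FILE *fp = tmpfile();                   /* constructed sample input */
    if (fp == NULL) return 1;
    fputs("short\nthis line is longer than the cap\nlast", fp);
    rewind(fp);
    for (int i = 0; i < 3; i++) {
        char *line = read_line_capped(fp, 10);
        printf("%zu %s\n", line ? strlen(line) : 0, line ? line : "(rejected)");
        free(line);
    }
    return fclose(fp);
}
```

A NULL return does not distinguish end of input from a rejected line; a caller that needs to tell them apart can check feof(fp) after the call.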