Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Non-*NIX Forums > Programming
User Name
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.


  Search this Thread
Old 11-19-2002, 07:38 AM   #1
Registered: Oct 2002
Location: North Atlanta
Distribution: LFS
Posts: 229

Rep: Reputation: 30
Preventing buffer overflow with gets()

Here is what I have going:


int main()
char phrase[40];

printf("Please enter a phrase: ");
//scanf("%s", &phrase);


printf("\nThe phrase is: %s\n", phrase);

if (phrase[0] == 'h' && phrase[1] == 'e' && phrase[2] == 'l' && phrase[3] == 'l' &&
phrase[4] == 'o')

printf("The phrase is hello.\n");
printf("The phrase is not hello.\n");

return 0;

is there a way that I can add in some sort of error control with gets() in that if the user enters more characters than this array (phrase) allows that I can have them stop and enter the characters again? in other ways... is there a way to make gets() more intelligent?
Old 11-19-2002, 11:03 AM   #2
Senior Member
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: ubuntu
Posts: 2,530

Rep: Reputation: 110Reputation: 110
Have you read the man page of "gets()" ?

"man gets" on my (Debian) system says:

Never use gets(). Because it is impossible to tell with_
out knowing the data in advance how many characters gets()
will read, and because gets() will continue to store char_
acters past the end of the buffer, it is extremely danger_
ous to use. It has been used to break computer security.
Use fgets() instead.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
buffer overflow problem djgerbavore Programming 1 05-17-2005 03:59 AM
What is a buffer overflow Joey.Dale Linux - Security 4 07-12-2004 05:12 PM
Buffer Overflow pymehta Linux - Security 7 02-24-2004 01:19 PM
buffer overflow cxel91a Programming 3 08-14-2003 05:23 PM
Q. What is a buffer overflow? auslew Linux - Security 2 11-08-2002 05:36 AM > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 05:38 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration