Return to BSD News archive
Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!haven.umd.edu!umd5.umd.edu!roissy.umd.edu!mark From: mark@roissy.umd.edu (Mark Sienkiewicz) Newsgroups: comp.os.386bsd.questions Subject: Re: Using gets() [ Was Re: nn ] Date: 19 Jul 1993 21:25:33 GMT Organization: University of Maryland Lines: 25 Message-ID: <22f3gd$foa@umd5.umd.edu> References: <227e9e$2hj@pdq.coe.montana.edu> <1993Jul17.203914.25267@fwi.uva.nl> <229qig$53k@pdq.coe.montana.edu> NNTP-Posting-Host: roissy.umd.edu In article <229qig$53k@pdq.coe.montana.edu> nate@bsd.coe.montana.edu (Nate Williams) writes: >It has nothing to do with 386BSD. It has to do with safe/portable >programming. The author of the BSD library felt it was more important >for folks to know about the inherent limitations of gets(), so that >people could fix "BROKEN SOFTWARE" Ok-- so they're both wrong. NN uses a function that lets the user hose it by providing bad input. "POSIX Programmers Guide" from O'Reilly says that gets() is defined by ANSI C section 4.9.7.7 and by Posix 8.2.3.5. Anybody have either of these handy to see if gets() is allowed to do output? :) >Heck, this might work. ... broken code deleted ... > (I just wrote this >off the top of my head, and the sizeof and strlen stuff might not work >at all. Correct! :) sizeof(char *) == 4. Just grab gets() source out of the library and remove the offending lines.