Xref: sserve comp.os.386bsd.questions:11817 comp.os.386bsd.development:2342 comp.os.386bsd.misc:2837
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!news.Hawaii.Edu!ames!hookup!swrinde!howland.reston.ans.net!spool.mu.edu!agate!asami
From: asami@cs.berkeley.edu (Satoshi ASAMI)
Newsgroups: comp.os.386bsd.questions,comp.os.386bsd.development,comp.os.386bsd.misc
Subject: Re: Why does FreeBSD 1.1.5 say gets() is unsafe?
Date: 21 Jul 94 18:47:11
Organization: CS Div. - EECS, University of California, Berkeley, CA 94720
Lines: 19
Message-ID: <ASAMI.94Jul21184711@forgery.cs.berkeley.edu>
References: <30lrf3$2ii@acmez.gatech.edu> <30mcrm$67t@darkstar.UCSC.EDU>
NNTP-Posting-Host: forgery.cs.berkeley.edu
In-reply-to: haynes@cats.ucsc.edu's message of 21 Jul 1994 09:56:06 PST

In article <30mcrm$67t@darkstar.UCSC.EDU> haynes@cats.ucsc.edu (James H. Haynes) writes:

 * gets() reads data from a stream into a buffer and has no argument telling
 * it the size of the buffer.  So the input line can be longer than the buffer
 * size and it will overflow the buffer and keep reading.

Yes, this was one of the "holes" that the Internet Worm exploited.  gets()
really has no business being in the standard library, except it is so
"standard" (is it in POSIX?) that we can't take it out.

 * Use fgets().

By the way, when you use fgets(), don't forget that the \n will be in the
buffer too!  I recently ran into a program which forgot to erase it and had
a hard time tracking the bug down (probably the author just blindly
replaced gets() with fgets()).

Satoshi
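The two points raised in the thread, that fgets() needs a buffer size and that it leaves the trailing newline in the buffer, are illustrated below in an added example that is not part of the original post. The read_line() wrapper, its enum line_status result type, the constructed SAMPLE input and the BUFSZ of 9 are all assumptions made for this example; fmemopen() is the POSIX call used to turn the constructed string into a FILE* so the code runs offline. Besides stripping the newline, the wrapper also handles the case the thread only hints at: when the line is longer than the buffer, it drains the rest of that line and reports the truncation rather than letting the next call silently return the tail of the previous line as if it were a new one.

```c
#define _POSIX_C_SOURCE 200809L   /* for fmemopen() */
#include <stdio.h>
#include <string.h>

/* Outcome of one read_line() call (assumed type, not from the post). */
enum line_status { LINE_OK, LINE_TRUNCATED, LINE_EOF };

/*
 * Read one line from fp into buf (bufsz bytes) with fgets(), then erase the
 * '\n' that fgets() keeps in the buffer.  If no '\n' was stored and the
 * stream is not at EOF, the line did not fit: discard the remainder so the
 * next call starts on a fresh line and tell the caller data was lost.
 */
enum line_status read_line(char *buf, size_t bufsz, FILE *fp)
{
    if (fgets(buf, bufsz, fp) == NULL)
        return LINE_EOF;                /* nothing read: EOF or error */

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';            /* the newline fgets() left behind */
        return LINE_OK;
    }
    if (feof(fp))
        return LINE_OK;                 /* final line without a newline */

    int c = fgetc(fp);
    if (c == EOF || c == '\n')
        return LINE_OK;                 /* line filled the buffer exactly */

    while ((c = fgetc(fp)) != EOF && c != '\n')
        ;                               /* drain the part that did not fit */
    return LINE_TRUNCATED;
}

/* Constructed sample input: short line, over-long line, line that exactly
 * fills the buffer, and a last line with no trailing newline. */
static const char SAMPLE[] =
    "short\n"
    "this line is far longer than the buffer that receives it\n"
    "exactfit\n"
    "tail";

#define BUFSZ 9                         /* room for 8 characters plus '\0' */
static char last[BUFSZ];

/* Read lines 0..n of SAMPLE through read_line() with an 8-character buffer
 * and return the status of line n; last_line() exposes what was stored. */
enum line_status nth_status(int n)
{
    FILE *fp = fmemopen((void *)SAMPLE, sizeof SAMPLE - 1, "r");
    if (fp == NULL)
        return LINE_EOF;
    enum line_status st = LINE_EOF;
    for (int i = 0; i <= n; i++) {
        st = read_line(last, sizeof last, fp);
        if (st == LINE_EOF)
            break;
    }
    fclose(fp);
    return st;
}

const char *last_line(void) { return last; }

int main(void)
{
    static const char *names[] = { "OK", "TRUNCATED", "EOF" };
    FILE *fp = fmemopen((void *)SAMPLE, sizeof SAMPLE - 1, "r");
    if (fp == NULL)
        return 1;
    char buf[BUFSZ];
    enum line_status st;
    while ((st = read_line(buf, sizeof buf, fp)) != LINE_EOF)
        printf("%-9s \"%s\"\n", names[st], buf);
    fclose(fp);
    return 0;
}
```

Running the program prints each line with its status: the over-long second line comes back as TRUNCATED holding only its first 8 characters, while "exactfit" and the newline-less "tail" are reported as complete, and none of the stored strings carry a '\n'.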