safe integer input

[hilarius]

I read that the scanf function is not safe. I made an attempt for a getInt(), but I'm not happy about it. I have to give two arguments: the max value and the max length of the number (I mean the max number of characters in the string). I'm not able to extract this maxLength from the max value:

Code:

int getInt(int max, int maxLength){

	char input[maxLength];
	char c;
	int i;
	printf("Enter an integer: ");
	for (i = 0;(c = getchar())!='\n';++i){
			if (i < maxLength-1){
				if (!isdigit(c) && (c !='-')){
					printf("Number contains non-digit characters. Exiting.");
					exit(0);
				}
			input[i] = c;
			} else {
				printf("Number was too long. Exiting");  
				exit(0);
			}
	}
	int result = atoi(input);
	if (result <= max){ 
		return result;
	} else {
		return -1;
	}
}

It's kinda messy, but I don't see an alternative... Any suggestions?

[BEN10]

Your question is not clear to me. But my personal suggestion would be to use scanf() for inputting ints. It is generally not safe for inputting strings.

[Memloop]

https://www.securecoding.cert.org/co...+to+an+integer

[hilarius]

Your question is not clear to me. But my personal suggestion would be to use scanf() for inputting ints. It is generally not safe for inputting strings.

What happens if i enter a letter instead of an integer number? The program doesn't complain, it just takes the wrong integer.

Code:

#include <stdlib.h>
#include <stdio.h>

int main(){
	int a;
	printf("Enter integer: ");
	scanf("%d", &a);
	printf("The integer was %d.\n", a);
	return 0;
}

[Memloop]

If you have input you need to validate, first read it in as a string and then use strtol to convert it to an integer (see the link above). scanf doesn't handle integer overflows for example, so it's not reliable to use when dealing with user input.

[BEN10]

What happens if i enter a letter instead of an integer number? The program doesn't complain, it just takes the wrong integer.

Code:

#include <stdlib.h>
#include <stdio.h>

int main(){
	int a;
	printf("Enter integer: ");
	scanf("%d", &a);
	printf("The integer was %d.\n", a);
	return 0;
}

In that case you can check the value returned by scanf. scanf() returns the number of correct inputs. Eg.

Code:

#include <stdlib.h>
#include <stdio.h>

int main(){
	int a,x;
	printf("Enter integer: ");
	x=scanf("%d", &a);
                if(x==1)
	printf("The integer was %d.\n", a);
                else
                printf("Input is not an integer");
	return 0;
}

[BEN10]

scanf doesn't handle integer overflows for example, so it's not reliable to use when dealing with user input.

Hmmmmmmm.......you're right. This is the point where scanf fails.

[quzah]

It's not really failing. You're not using it right. You can't type 100000000000000 and expect it to fit in one byte. The same goes for a 32 bit int. Use the right datatype, or don't, and just use strings for "numbers".

Code:

while input
    read char
    if char = sign and no stored digits
        if sign indicator not set
            set sign indicator
        else
            error
    else
    if number
        if number length ok
            store character
            increment current length conter
        else
            error
    else
    if you are doing decimal points and it is a decimal point
        if you don't have one yet
            set have decimal point
            store decimal point
        else
            error
    else
        error

Something like that.


Quzah.

[Memloop]

Don't forget to include stdlib.h if you're going to use strtol. For some reason, GCC didn't warn me when using strtol without including stdlib.h, but instead resorted to returning -1 as the return value from strtol regardless of the input.

[laserlight]

Don't forget to include stdlib.h if you're going to use strtol. For some reason, GCC didn't warn me when using strtol without including stdlib.h, but instead resorted to returning -1 as the return value from strtol regardless of the input.

That could be the result of an implicit declaration defaulting to int. You could try enabling a higher warning level, e.g., -Wall.