gets() is an unsafe method. Alternatives?

This is a discussion on gets() is an unsafe method. Alternatives? within the C Programming forums, part of the General Programming Boards category; When executing a simple program I created through tutorials I am working through I am told by my OS that ...

  1. #1
    Registered User
    Join Date
    Apr 2011
    Posts
    23

    gets() is an unsafe method. Alternatives?

    When executing a simple program I created through tutorials I am working through I am told by my OS that using gets is unsafe.

    Is there an alternative to it that will allow strings to be entered, besides scanf() which seems to only accept a predefined number of variables.

    gets(input); allows me to accept unlimited input regardless of whitespace

    scanf("%s", input); only allows me to capture one word of the input.

    I don't imagine it's wise to ignore OS warnings of this type, so if someone can tell me a better "safe" way to do this, please do.

  2. #2
    ATH0 quzah's Avatar
    Join Date
    Oct 2001
    Posts
    14,826
    Read the FAQ. Or just use fgets.


    Quzah.
    Hope is the first step on the road to disappointment.

  3. #3
    Registered User
    Join Date
    Apr 2011
    Posts
    23
    fgets is what I need. Having checked the FAQ it seems my answer is there.

    Thanks.

    For confirmation from the FAQ, please tell me if I am doing this correctly now:

    Code:
    char input[81];
    
    fgets(input, sizeof(input), stdin);
    Will doing this discard any input past 80 characters or is the if() statement in the example mandatory?
    Last edited by ModeSix; 04-25-2011 at 11:49 PM.

  4. #4
    Registered User
    Join Date
    Nov 2010
    Location
    Long Beach, CA
    Posts
    5,676
    It wont discard it. It will sit waiting in the input buffer for the next read from stdin.

  5. #5
    CSharpener vart's Avatar
    Join Date
    Oct 2006
    Location
    Rishon LeZion, Israel
    Posts
    6,484
    Quote Originally Posted by ModeSix View Post
    When executing a simple program I created through tutorials I am working through I am told by my OS that using gets is unsafe.

    Is there an alternative to it that will allow strings to be entered, besides scanf() which seems to only accept a predefined number of variables.
    using scanf without width modifier is also "unsafe"

    when reading strings with scanf always add width modifier to prevent buffer overrun
    Code:
    char buf[80];
    scanf("%79s",buf);
    %s is not the only format for reading strings
    %[^\n] will read input till \n is encountered
    The first 90% of a project takes 90% of the time,
    the last 10% takes the other 90% of the time.

  6. #6
    Registered User
    Join Date
    Apr 2011
    Posts
    23
    Quote Originally Posted by anduril462 View Post
    It wont discard it. It will sit waiting in the input buffer for the next read from stdin.
    Thank you. Is there a way to discard any overflow?

    Quote Originally Posted by vart
    %[^\n] will read input until \n is encountered
    Will this also work with a width modifier? ex: %80[^\n] ?

  7. #7
    CSharpener vart's Avatar
    Join Date
    Oct 2006
    Location
    Rishon LeZion, Israel
    Posts
    6,484
    Quote Originally Posted by ModeSix View Post
    Thank you. Is there a way to discard any overflow?
    Read the FAQ - how to flush input buffer


    Quote Originally Posted by ModeSix View Post
    Will this also work with a width modifier? ex: %80[^\n] ?
    yes
    Note that width should be 1 less than buffer size to have space for null terminator
    The first 90% of a project takes 90% of the time,
    the last 10% takes the other 90% of the time.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Is sprintf to unsafe to use?
    By 39ster in forum C Programming
    Replies: 3
    Last Post: 06-11-2008, 08:52 AM
  2. '<' : unsafe use of type 'bool' in operation
    By cboard_member in forum C++ Programming
    Replies: 7
    Last Post: 07-16-2006, 11:33 AM
  3. any alternatives??
    By anasimtiaz in forum C Programming
    Replies: 5
    Last Post: 10-19-2004, 10:13 AM
  4. alternatives to pow()
    By mcdms in forum C++ Programming
    Replies: 4
    Last Post: 10-10-2004, 10:42 PM
  5. MFC alternatives?
    By Hubas in forum Windows Programming
    Replies: 6
    Last Post: 08-01-2002, 09:04 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21