Like Tree2Likes
  • 1 Post By whiteflags
  • 1 Post By whiteflags

Do we still fgets to be safe?

This is a discussion on Do we still fgets to be safe? within the C++ Programming forums, part of the General Programming Boards category; Hello Some time ago I read Effective C++ and it advises programmers to use fgets() instead of get because you ...

  1. #1
    Registered User
    Join Date
    Nov 2012
    Posts
    10

    Do we still fgets to be safe?

    Hello

    Some time ago I read Effective C++ and it advises programmers to use fgets() instead of get because you can specify how many characters to read, and thus avoid memory corruption if the input is too long.

    Several new books (such as Prata or Professional C++) don't speak about fgets.

    Is it because we don't need it anymore?

    cin.get()
    and cin.getline() can also specify the size to read, and I think other functions too.
    What's the difference between cin.get and fgets?

  2. #2
    Registered User whiteflags's Avatar
    Join Date
    Apr 2006
    Location
    United States
    Posts
    7,638
    In C++, C functions aren't that important because you can use C++ libraries.

    The idea behind the typical fgets() loop in C can be expressed in C++ as
    Code:
    #include <iostream>
    #include <string>
    using namespace std;
    
    string buff;
    while (getline(cin, buff)) ...
    That's pretty safe.
    skan likes this.

  3. #3
    Registered User
    Join Date
    Nov 2012
    Posts
    10
    OK, thanks. And what happens if the input is bigger than the size that can be fit in memory?

  4. #4
    Registered User whiteflags's Avatar
    Join Date
    Apr 2006
    Location
    United States
    Posts
    7,638
    If a string needs more memory it will automatically reallocate itself. If that allocation should fail, the string is unaltered, and a type of runtime exception called bad_alloc is thrown.

    There are hard limits on the size of a string, which come from the range of numeric values it uses: The size_type used to report the length of the string and access characters does have a maximum value. This number is quite large. If you are curious about the limits of your string implementation, you can call max_size().

    If you use other methods, like cin.getline() or cin.get(), they can be called to act much like fgets() does. The major difference between the two is that the newline, if it can be stored, is actually discarded by cin.getline() before returning, and fgets() does not do this. If you use cin.get() to read a line, then the newline will be retained.
    Last edited by whiteflags; 08-13-2013 at 09:45 PM.
    smokeyangel likes this.

  5. #5
    Registered User
    Join Date
    Mar 2010
    Posts
    535
    On the C side, still always avoid gets() like the plague. It's actually been removed from C11, as it's just such a terrible function. fgets() is fine.

    But yes, in C++ there's no need to worry about gets/fgets if you're happy using get() and getline().

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Is this safe?
    By Shokwav in forum C++ Programming
    Replies: 6
    Last Post: 03-05-2012, 02:36 PM
  2. Is this safe?
    By pheres in forum C++ Programming
    Replies: 22
    Last Post: 04-01-2008, 03:02 PM
  3. is scanf as safe as fgets when used to receive string?
    By Antigloss in forum C Programming
    Replies: 4
    Last Post: 08-31-2005, 05:18 PM
  4. How Safe is your pc
    By GSLR in forum A Brief History of Cprogramming.com
    Replies: 10
    Last Post: 09-16-2003, 02:53 AM
  5. How safe is it?
    By hermit in forum A Brief History of Cprogramming.com
    Replies: 40
    Last Post: 05-08-2002, 09:33 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21