Thread: Two problems with std::cin.getline()

  1. #46
    and the Hat of Guessing tabstop's Avatar
    Join Date
    Nov 2007
    Posts
    14,336
    I'm not sure what exactly you missed, 'cause I missed it too.

    I don't see how C++ is more vulnerable to a "type a bunch of characters" attach than, say, C. A std::string is guaranteed (I believe, I'll double check with the standard later maybe) to be able to hold whatever the size of the stdin buffer is. And processing 16 + 1000000 (the C-fixed buffer way) is no better or worse than processing 1000000 in one shot. And of course you can't overwrite any memory the C++ way, as far as I can tell.

  2. #47
    Registered User
    Join Date
    Jun 2004
    Posts
    124
    Citizen, there is really nothing wrong with your solution except my admittedly rather arbitrary desire not to need so many lines of code every time I want input from the console. My application needs to accept input in about a dozen different places.

    Tabstop, the problem with std::string is that I cannot restrict the amount of input I receive. I need a fixed upper bound. You are right in that memory is not overwritten; however, I am left to deal with arbitrary length input which is not what I want.

  3. #48
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    Quote Originally Posted by maxhavoc
    Citizen, there is really nothing wrong with your solution except my admittedly rather arbitrary desire not to need so many lines of code every time I want input from the console. My application needs to accept input in about a dozen different places.
    That's what, uh, functions are for.

    Quote Originally Posted by maxhavoc
    Tabstop, the problem with std::string is that I cannot restrict the amount of input I receive. I need a fixed upper bound. You are right in that memory is not overwritten; however, I am left to deal with arbitrary length input which is not what I want.
    If you are going to discard extra input either way, then one solution is to take the substring of the string read with the precise upper bound that you need.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  4. #49
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    You can restrict the maximum string input length using the setw() modifier. For the >> operator, that is. The inability to limit the input size for std::getline() is a serious shortcoming.
    Last edited by CornedBee; 10-16-2008 at 09:07 AM.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  5. #50
    Registered User
    Join Date
    Oct 2006
    Posts
    3,445
    Quote Originally Posted by maxhavoc View Post
    cin.ignore() asks for a number of characters to ignore. Is it safe to pass a huge number like INT_MAX to it?
    I believe that if you pass no parameters to std::istream::ignore(), it uses the default parameters of 1, and EOF respectively, and somehow this has the effect of ignoring all remaining data.

  6. #51
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    No, the argument 1 means exactly what it says.

    It's safe to pass a huge number to ignore().
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  7. #52
    Banned master5001's Avatar
    Join Date
    Aug 2001
    Location
    Visalia, CA, USA
    Posts
    3,685
    Which is why I offered up (unsigned)-1. That is sufficiently large. If its worth anything to max, most consoles have a physical input limitation to begin with. So the chances of someone trying to DoS attack your "Hello world" app could be thwarted by bash or cmd or whatever your command shell is not physically taking in more than .25k or w/e of user input.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. No clue how to make a code to solve problems!
    By ctnzn in forum C Programming
    Replies: 8
    Last Post: 10-16-2008, 02:59 AM
  2. C Pointers Problems
    By mhelal in forum C Programming
    Replies: 8
    Last Post: 01-10-2007, 06:35 AM
  3. Rendering problems (DirectX?)
    By OnionKnight in forum Tech Board
    Replies: 0
    Last Post: 08-17-2006, 12:17 PM
  4. contest problems on my site
    By DavidP in forum Contests Board
    Replies: 4
    Last Post: 01-10-2004, 09:19 PM
  5. DJGPP problems
    By stormswift in forum C Programming
    Replies: 2
    Last Post: 02-26-2002, 04:35 PM