From: Felix V. <alp...@ho...> - 2006-07-17 14:02:55
|
>From: Keith Marshall <kei...@us...> >Reply-To: kei...@us... >To: "Felix VIII" <alp...@ho...> >CC: min...@li... >Subject: Re: [Mingw-users] scanf/gets double-use problem >Date: Sun, 16 Jul 2006 08:49:10 +0100 > >Felix, > > >On Saturday 15 July 2006 4:25 pm, Felix VIII wrote: > > >Please provide a *minimal* test case to demonstrate your problem, > > >*including* source code, the *exact* commands you use, and the > > >diagnostics on which you base your assertion. > > > > int main() > > { > > char a, b[5], c, d; > > > > printf("Test 1\n"); > > scanf("%c", &a); > > printf("Test 2\n"); > > gets(b); > > printf("Test 3\n"); > > scanf("%c", &c); > > printf("Test 4\n"); > > scanf("%c", &d); > > printf("End"); > > return 0; > > } > >Well, this doesn't illustrate anything, for nowhere do you actually echo >back what has beed read. Apart from the missing `#include <stdio.h>', I >see only one obvious problem in this, and that's the buffer overrun you >cause with the `gets(b)', if the input record exceeds four bytes in >length -- indeed, `gets()' is *always* a dangerous function to use, for >no matter how big a buffer you provide, there will always be potential >for an input record to overrun it, and, if I compile your test case, >(using gcc-2.96, on my GNU/Linux box), I see: > > $ gcc -o testcase testcase.c > /tmp/ccyu95Eb.o: In function `main': > /tmp/ccyu95Eb.o(.text+0x42): the `gets' function is dangerous and > should not be used. > > > this is a file I used to test it, and I got back: > > Test 1 > > a > > Test 2 > > Test 3 > > a > > Test 4 > > End > >Right, you don't show clearly what is input, and what is output; neither >have you shown the commands you used to run your test case, nor any >diagnostic comparison, as I requested, between what you expected to see, >and the actual output. Based on what I see in your post, I'm guessing at: > > $ gcc -o testcase testcase.c > /tmp/ccyu95Eb.o: In function `main': > /tmp/ccyu95Eb.o(.text+0x42): the `gets' function is dangerous and > should not be used. > > $ cat testcase.in > a > a > > $ ./testcase < testcase.in > Test 1 > Test 2 > Test 3 > Test 4 > End > >which is *exactly* what I would expect to see, from the source you have >provided; i.e. correct behaviour, so where's the problem? > >Regards, >Keith. I acknowledge I failed to use the line '#include <stdio.h>'. I have tested that as well and it provided the same results. So what you're saying is this is expected behavior from these functions. even though you failed to mention it, the scanf function doesn't work the third time it is used, I'm not sure if that was because I'm not getting the point... _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 |