On 09/12/13 23:01, Les Howell wrote:
unless something has changed recently fputs and puts just like gets and
fgets have been deprecated and are discouraged due to potential security
issues.
Nonsense.
The reason gets is dangerous is because it doesn't take a buffer size so
will continue reading until it sees a newline even if it has long since
overflowed the buffer - there is literally no way to use it safely
unless you can guarantee the maximum length of a line in the input stream.
That does not apply to fgets, which takes a buffer length and is
therefore safe as it will not overflow the buffer.
It also doesn't apply to put or fputs, which are output routines so read
from the buffer rather than writing to it, stopping at a nul.
Tom
--
Tom Hughes (tom@xxxxxxxxxx)
http://compton.nu/
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
