From the course: Secure Coding in C

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Reading input with fgets()

Reading input with fgets() - C Tutorial

From the course: Secure Coding in C

Start my 1-month free trial

Reading input with fgets()

- [Instructor] The original C language string input function, gets, has been deprecated. It's still available, but using it is dangerous. And this code gets appears at line eight. Fetch input and store it in the named buffer. No limit is offered on input, so it definitely can overflow. And when you build normally, depending on the compiler, you would see a warning message. Here the warning doesn't show up, which I'm curious about. Yet when I go to Ubuntu Linux and I use the clang compiler with the -Wall switch, you see the warning in the output. The gets function is dangerous and should not be used. This warning may also appear in the compiled program. To run the program, yes, it works, but I would not recommend it. The proper replacement for the gets function is the fgets function shown here at line eight. It restricts input to the size of its second argument minus one for the terminating null character. And as a…

Contents