Some routines in the standard library have unsafe semantics. This was dramatically demonstrated in November 1988 by the worm program that wriggled through thousands of machines on the Internet network. The basic problem is that the function doesn't know how big the buffer is, so it continues reading until it finds a newline or encounters EOF, and may overflow the bounds of the. And the difference between gets/scanf and fgets is that gets() only scans until the first space ' ' while fgets() (but be sure to clean the buffer afterwards so you won't get an overflow later on)
It cannot be used safely (unless the program runs in an environment which restricts what can appear on stdin). The gets() function is defined to read input into a buffer provided by the caller, up to and including the first newline (or EOF). It does not provide any mechanism for limiting input to the size of the buffer; the only limit to how much gets() will read is newline or EOF. The newline character, if found, is not copied into str. A terminating null character is automatically appended after the characters copied to str. Notice that gets is quite different from fgets.
It does not seem to wait for the user to input something. Why was the gets function removed instead of just changing its signature? At least in part because removing gets() from the language specification does not mean that implementations must remove it, only that providing it is no longer a conformance requirement. I am using the function gets() in my C code. My code is working fine but I am getting a warning message: (.text+0xe6) The `gets' function is dangerous and should not be used.