NO gets() in C11 standard !!!

string input/output in C

#include <stdio.h>

    • scanf("%s", str);
    • printf("%s", str);
    • gets(str);
    • puts(str);
    • getchar();
    • putchar();

  • gets(), a computer programming function that reads a line of input 

BUT, NEVER EVER use gets() !!!

  • BUGS
    • Never use gets(). Because it is impossible to tell without knowing the data in advance how many characters gets() will read, and because gets() will continue to store characters past the end of the buffer, it is extremely dangerous to use. It has been used to break computer security.
    • Use fgets() instead.
  • fgets(str, size, stdin);

Why is

  • scanf("%s", str);

safe?

The correct way is:

  • char str[10];
  • scanf("%9s", str);
  • %s : Scan a character string. The scan terminates at whitespace. A null character is stored at the end of the string, which means that the buffer supplied must be at least one character longer than the specified input length.
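
An added example (not part of the original note): a bounded line reader built on fgets(str, size, stdin), next to the %9s form above, showing what each does with input longer than the 10-byte buffer. The names read_line, read_word, demo and demo_buf are assumptions, and the input strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Read one line into buf (capacity size) with fgets().
   Returns 0 = whole line, 1 = line too long (excess discarded), -1 = EOF/error. */
int read_line(FILE *in, char *buf, size_t size)
{
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {            /* newline stored: the line fit */
        buf[len] = '\0';
        return 0;
    }
    int c, dropped = 0;                /* no newline: drain the rest of the line */
    while ((c = getc(in)) != EOF && c != '\n')
        dropped = 1;
    return dropped;
}

/* Bounded scanf form from the note: at most 9 characters plus the NUL. */
int read_word(FILE *in, char word[10])
{
    return fscanf(in, "%9s", word) == 1 ? 0 : -1;
}

/* Constructed demo harness: feeds a literal string through a temporary stream. */
char demo_buf[10];

int demo(const char *input, int use_scanf)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return -2;
    fputs(input, f);
    rewind(f);
    int rc = use_scanf ? read_word(f, demo_buf)
                       : read_line(f, demo_buf, sizeof demo_buf);
    fclose(f);
    return rc;
}

int main(void)
{
    int rc = demo("0123456789ABCDEF\n", 0);   /* constructed over-long line */
    printf("fgets: rc=%d buf=\"%s\"\n", rc, demo_buf);
    rc = demo("0123456789ABCDEF\n", 1);
    printf("scanf: rc=%d buf=\"%s\"\n", rc, demo_buf);
    return 0;
}
```

Note that fscanf with %9s leaves the unread characters in the stream for the next read, while read_line discards them and reports the truncation.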

 
