On Mon, 15 Dec 1997, Chuck Reed wrote:
>Would using the gets command be more suitable to an online motd editor than
>the scanf function?
Ack! Don't use gets(), use fgets() instead.
From the Linux gets() man page:
BUGS
Because it is impossible to tell without knowing the data
in advance how many characters gets() will read, and
because gets() will continue to store characters past the
end of the buffer, it is extremely dangerous to use. It
has been used to break computer security. Use fgets()
instead.
--
George Greer - Me@Null.net | Genius may have its limitations, but stupidity
http://www.van.ml.org/~greerga | is not thus handicapped. -- Elbert Hubbard
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/08/00 PST