如果一个人抱怨得到(),为什么不跟scanf函数相同(QUOT;%S" ...)? [英] if one complains about gets(), why not do the same with scanf("%s",...)?
问题描述
从人得到:
不要使用gets()函数。因为它是
不可能知道不知道
提前数据多少
字符gets()函数将读取和
因为得到()将继续存储
字符过去的缓冲区的末尾,
这是极其危险的使用。
它已被用于破坏计算机
安全。使用与fgets()代替。
Never use gets(). Because it is impossible to tell without knowing the data in advance how many characters gets() will read, and because gets() will continue to store characters past the end of the buffer, it is extremely dangerous to use. It has been used to break computer security. Use fgets() instead.
几乎无处不在我看到的 scanf函数中应该有同样的问题(的缓冲区溢出/缓冲区溢出): scanf函数(%S,字符串)。在这种情况下存在这个问题?为什么有关于它的 scanf函数手册页没有提到?为什么要与 -Wall ?
Almost everywhere I see scanf being used in a way that should have the same problem (buffer overflow/buffer overrun): scanf("%s",string). This problem exists in this case? Why there are no references about it in the scanf man page? Why gcc does not warn when compiling this with -Wall?
PS:我知道有格式字符串指定字符串的最大长度的方式 scanf函数:
ps: I know that there is a way to specify in the format string the maximum length of the string with scanf:
char str[10];
scanf("%9s",str);
编辑:我不是问到determe如果preceding code是正确与否。我的问题是:如果 scanf函数(%S,字符串)永远是错的,为什么没有警告并没有什么关于它的手册页
edit: I am not asking to determe if the preceding code is right or not. My question is: if scanf("%s",string) is always wrong, why there are no warnings and there is nothing about it in the man page?
推荐答案
答案很简单,没有人写了code在GCC产生的警告。
The answer is simply that no-one has written the code in GCC to produce that warning.
正如您所指出的,为%S的特定情况下的警告(没有字段宽度)是比较合适的。
As you point out, a warning for the specific case of "%s" (with no field width) is quite appropriate.
但是,请记住,这仅仅是为的情况下,scanf()的情况下, vscanf(),的fscanf()和 vfscanf()。此格式说明可与 sscanf的绝对安全()和页vsscanf(),因此,警告不应发出这种情况下。这意味着,你不能简单地把它添加到现有的scanf函数式格式字符串分析code;你必须是分成的fscanf风格的格式字符串和sscanf的样式格式字符串的选项。
However, bear in mind that this is only the case for the case of scanf(), vscanf(), fscanf() and vfscanf(). This format specifier can be perfectly safe with sscanf() and vsscanf(), so the warning should not be issued in that case. This means that you cannot simply add it to the existing "scanf-style-format-string" analysis code; you will have to split that into "fscanf-style-format-string" and "sscanf-style-format-string" options.
我敢肯定,如果你生产的GCC的最新版本补丁它代表的被接受(当然,你将需要提交补丁glibc的头文件也是如此)的好机会。
I'm sure if you produce a patch for the latest version of GCC it stands a good chance of being accepted (and of course, you will need to submit patches for the glibc header files too).
这篇关于如果一个人抱怨得到(),为什么不跟scanf函数相同(QUOT;%S" ...)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
