Re: tmpnam(e)

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: tmpnam(e)
From: Adolf Mathias <dolfi@...>
Date: Wed, 09 May 2001 08:46:23 +0200

Edgar Toernig wrote:
> 
> Roberto Ierusalimschy wrote:
> >
> > I've just got a version of gcc that refuses to link my program with `gets'.
> > That really shocked me. If I wanted that kind of protection I wouldn't be
> > using C.
> 
> So it's getting worse :-(  I once had a version of gcc that warned
> about the use of every in their opinion unkosher function.  gets()
> was one of them.  But refusing to link is becoming childish.
> 
> Ciao, ET.

The Linux manual for gets doesn't specifically mention anything about
gets, but getc may definitely be implemented as a macro. On this version
of the C library, gets seems to be a function, i.e. with 
  nm /usr/lib/libc.a | grep '\<gets\>'
I get a line
  00000000 W gets

But seriously, gets is the reason for many, if not most buffer overrun
attacks on Linux. Use fgets or a wrapper function...

Dolfi

-- 
Adolf Mathias              EMail: dolfi at zkm dot de  Web: www.zkm.de
|||| / |< |||                 ZKM Basic Research - Grundlagenforschung
P.B. 6919 D-76049 Karlsruhe, Germany; fon +49 721-8100-1511, fax -1509

References:
- Re: tmpnam(e), Roberto Ierusalimschy
- Re: tmpnam(e), Edgar Toernig

Prev by Date: Re: A History of Lua
Next by Date: Re: tmpnam(e)
Previous by thread: Re: tmpnam(e)
Next by thread: Re: tmpnam(e)
Index(es):
- Date
- Thread