Consider the below program.
The code looks simple: it reads a string from standard input and prints the entered string. It nevertheless suffers from a buffer overflow, because gets() does no bounds checking on the destination array. gets() keeps on reading until it sees a newline character.
To avoid the buffer overflow, fgets() should be used instead of gets(), as fgets() makes sure that not more than MAX_LIMIT characters are read.
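The fgets() approach described above, as an added example that is not the article's own listing: it bounds the read to the buffer, strips the newline, and discards the rest of an over-long line so the leftover is not mistaken for the next input. The helper name read_line and the MAX_LIMIT value of 20 are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define MAX_LIMIT 20   /* assumed buffer size; only the name is from the article */

/* Unsafe form the article warns about (gets() was removed from the language in C11):
 *     char str[MAX_LIMIT];
 *     gets(str);      // no size argument: a long line writes past str[]
 */

/* Read one line into buf (cap bytes) using fgets().
 * Returns 0 for a complete line, 1 if the line was cut to fit the buffer,
 * -1 on EOF or read error. The trailing newline is removed. */
int read_line(FILE *in, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return -1;

    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {          /* the whole line fit, newline included */
        buf[len] = '\0';
        return 0;
    }

    /* No newline stored: either the buffer filled up or input ended.
     * Consume the remainder of the line and note whether anything was lost. */
    int c, dropped = 0;
    while ((c = getc(in)) != '\n' && c != EOF)
        dropped = 1;
    return dropped;
}

int main(void)
{
    char str[MAX_LIMIT];
    int rc = read_line(stdin, str, sizeof str);

    if (rc < 0)
        return 1;
    if (rc == 1)
        fprintf(stderr, "input truncated to %d characters\n", MAX_LIMIT - 1);
    printf("%s\n", str);
    return 0;
}
```

Because fgets() reserves one byte for the terminating null character, at most MAX_LIMIT - 1 characters of the line end up in the buffer.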