473,586 Members | 2,678 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Why is it dangerous?

'evening.

I'm not new to C and have been programming in it since I was 8 but
here's a strange problem I've never seen before.

When I compile a program from our C course with a windows compiler
there is no problem but when I try to compile it with a linux compiler
it complains that

a_03.c:(.text+0 x4d): warning: the `gets' function is dangerous
and should not be used.

Is linux more dangerous than windows? Where can I download a
non dangerous gets function? I have never used gets before is
there undefined behavior somewhere?
Here is a trimmed down example program from my assignment that
demonstrates the problem

#include <stdio.h>
#include <malloc.h>

void main()
{
char *string;
printf("enter string (max 2000 chars): ");
fflush(stdin);
fflush(stdout);
string = (char *)malloc(2001);
if(!string) exit(1);
gets(string);
printf("you entered: %s\n", string);
free(string);
exit(0);
}

On windows with TurboC and Lcc no error is printed. On linux with
gcc it says gets is dangerous.

Please advise my instructor says gcc is overly pedantic.
Aug 10 '08
233 8550

"James Dow Allen" <jd*********@ya hoo.comschreef in bericht
news:33******** *************** ***********@i20 g2000prf.google groups.com...
On Aug 10, 6:25 pm, Antoninus Twink <nos...@nospam. invalidwrote:
a_03.c:(.text+0 x4d): warning: the `gets' function is dangerous
and should [never] be used.
...
Of course, this is nonsense. There is a perfectly safe way to use
gets(), namely by being in control of what appears on stdin.
>The infamous worm was complex enough to attempt
exploitation of at least 4 different security loopholes,
but just one of the loopholes was ubiquitous enough
to make it necessary and sufficient for the Worm's
"success."
That loophole was the dangerous use
of gets() in a program (fingerd) usually run with
superuser authority.
The story of the internet worm doesnt make Twink's statement less true.
fingerd was not in control of stdin, so yes it could be exploited. Twink
said that gets can be used safely when you are in control of stdin.

Aug 11 '08 #41
James Dow Allen wrote, On 11/08/08 09:38:
On Aug 10, 6:25 pm, Antoninus Twink <nos...@nospam. invalidwrote:
>>>a_03.c:(.tex t+0x4d): warning: the `gets' function is dangerous
and should [never] be used.
...
Of course, this is nonsense. There is a perfectly safe way to use
gets(), namely by being in control of what appears on stdin.

Heresy! I'm surprised no one launched a diatribe here
against Mr. Twink, so let me offer a diatribe in support!

Six comments on gets().
First, some history. (Some c.l.c'ers weren't
even alive at the time of the infamous Internet
Worm.)
Others were.

<snip>
Perhaps there's a way to disable gcc's "dangerous"
message but, in keeping with the FSF philosophy, I'm
sure the cure is worse than the disease, something like
setenv IM_AN_UNREPENTA NT_MORONIC_ASSH OLE
I suspect the only way to disable it is to do a custom build of gcc.

<snip>
The gets() deprecators aren't wrong; indeed I'll cheerfully
concede that their position is more defensible than mine!
But I'm happy to take a Devil's Advocate position to
encourage critical thinking when I see the preposterous and
dogmatic over-generalizations which become so routine in
this ng. Is gets() a *potential* source of bugs? Obviously.
But I'd love to organize a wager, between me and one of
the pedants, on whose code contains more *actual* bugs.
I'll wager that the number of usages of gets posted to this group where
the input is not under compete control of the poster (a student is not
in control of what his/her instructor types in) is over a hundred times
more than the number of usages where it is under the posters control.
Actually, I suspect the only safe gets usages posted to this group are
posted specifically to point out that with guarantees beyond the scope
of C you can use it safely. Even on the occasions where input is under
my complete control I would use something else.
* - Detractors will argue that what I *should* want to
do is spend hours writing a diagnostic for such malloc()
failures! In fact I don't want to do anything about them
since the smallish malloc()'s I use to build the website
Aren't Going To Fail(tm). (The pedants will respond to
Actually I would not suggest spending hours on it. As it is for personal
use and you are confident it won't fail and would probably just want the
program to abort if it did you could spend a small amount of time
writing a small wrapper that checks the return value and aborts the
program with a failure message if the allocation fails. Not something I
would recommend for general programming, but better than not checking
the value and, if done at the start, will not even cost you 5 minutes.

<snip>
I *might* have changed from gets() to fgets() on some
of my private code if it weren't for the above nit.
(And yes, I *do* know how to do
if (*s == '\n') *s = 0;
in C.)
So write a wrapper function (or macro) that does this. Or (if
appropriate) you could get it to emit a diagnostic if an overlong line
is encountered.

<snip>
Finally, let's note that programming and lawyerism
are different crafts.
Reviewing code is another craft different from both of those.
The Authorities(tm) who post so pedantically in this
ng are often not completely wrong, but their pretentious
comments about gets() show confused thinking.
I disagree. I've seen more bugs more crashes of SW due to doing things
similar to calling gets (writing and using a function which takes user
input with no protection against over-long input) than I've seen safe
uses of gets. Generally when someone posts code here using gets it shows
that they have not even considered the possibility of buffer overflows,
and in such situations surely pointing out the possibility of a buffer
overflow is appropriate?
In
particular, I wonder if some of them are law school
dropouts.
I suspect none of them are.
When I mention the gets()'s that I use, in private,
behind my Impenetrable Firewall(tm), on strings generated
by my own Bugfree Software(tm), they never acknowledge
that some gets()'s are less dangerous than others
but instead reject "safe" usages of gets() based on
I've worked on safety-critical SW (as in real possibility of a person
being killed if it goes wrong) and on SW where a crash would at most
make someone mutter something, so I think I am aware that in some
situations a potential (or real) bug is more serious than in other
situations.

<snip>
If anyone has trouble understanding the absurdity and
hypocrisy of this legalistic view, I refer them to answers
previously given, here in the ng.
I don't consider the view to be hypocritical since I don't use gets in
my code (not even in throw-away code) and if I found it used in code I
was reviewing then I would reject that code.

Also see comments above on the likelihood of someone being aware of the
issues with gets when they post code here that uses it.
Hope this helps, :-)
James Hussein Allen
Here is another argument against using gets. It has now been deprecated
so you are limiting portability if you use it. After all, what with it
being deprecated it might not be available in implementations in 50
years time! ;-)
--
Flash Gordon
Aug 11 '08 #42
The way to get rid of the warning on gets(), if you really want to
do it, is (on FreeBSD, anyway, but I suspect it applies to other
systems that use gcc as a default compiler):

(1) Remove the call to __warn_referenc es() in gets.c .
(2) Rebuild the C library.

Rebuilding the compiler isn't necessary.
Aug 11 '08 #43
Gordon Burditt wrote:
The way to get rid of the warning on gets(), if you really want to
do it, is (on FreeBSD, anyway, but I suspect it applies to other
systems that use gcc as a default compiler):

(1) Remove the call to __warn_referenc es() in gets.c .
(2) Rebuild the C library.

Rebuilding the compiler isn't necessary.
An even easier way, and a better one to boot, is to remove
the calls to gets() from your code.

Is it possible to use gets() safely? Yes, I suppose so, in
tightly controlled circumstances. But why bother? It seems to
me that establishing the tight control is far more trouble than
just using fgets() in the first place. Any programmer for whom
the trailing '\n' is troublesome is unlikely to be able to muster
the skill and diligence to exercise the requisite control anyhow.

Something about this fascination with gets() reminds me of
the complaints one hears from people who dislike wearing safety
belts when driving. Yes, it is possible to drive safely without
a seat belt: Just don't run into anything, nor permit anything
to run into you. And look at all the buckling and unbuckling
effort you save! Yowza! Off with the belts and on with the party!

--
Er*********@sun .com
Aug 11 '08 #44
>
>if you can NOT define the input then I would agree. ...
Can you truly define the input? Can you guarantee that even if the code
is used in controlled conditions now, that it will NEVER be used under
different conditions?

Maybe you can, but by the time you've taken the time to do a proper
security audit of your code and all the ways it would ever be used,
it would be simpler to switch to fgets().
--
-Ed Falk, fa**@despams.r. us.com
http://thespamdiaries.blogspot.com/
Aug 11 '08 #45
On 11 Aug 2008 at 20:02, Eric Sosman wrote:
Something about this fascination with gets() reminds me of the
complaints one hears from people who dislike wearing safety belts when
driving.
Not really.

Usually these "complaints " are just the observation that
self-determination is a pretty fundamental liberty that we should have
in a free society. The state has *no damn business* telling me what I
should or shouldn't do in the privacy of my own car, when it doesn't
affect anyone's safety but my own.

Although Heathfield clearly would love to be the dictator of the world,
actually he isn't, and no one's trying to prevent anyone using gets() by
force of law.

So the sitations aren't really comparable.

Aug 11 '08 #46
On 11 Aug 2008 at 20:31, Edward A. Falk wrote:
Can you truly define the input? Can you guarantee that even if the code
is used in controlled conditions now, that it will NEVER be used under
different conditions?
Yes, I believe I can.

$ alias throwaway="rm -f"
$ throwaway throwaway-program throwaway-program.c

Or, what part of "throwaway" don't you understand?

Aug 11 '08 #47
Antoninus Twink wrote:
) Usually these "complaints " are just the observation that
) self-determination is a pretty fundamental liberty that we should have
) in a free society. The state has *no damn business* telling me what I
) should or shouldn't do in the privacy of my own car, when it doesn't
) affect anyone's safety but my own.

Suppose you're driving along and an oncoming car suddenly veers ondy your
lane, hitting you head-on. Wearing a seatbelt would save your life, but
that is your choice, right ? You're the only one harmed by not wearing it,
right ?

Wrong.

The person driviong that other car would, if you were killed, have the
very traumatic experience of having caused your death, as opposed to just
causing you some injuries had you worn your seatbelt.

So by choosing not to wear your seatbelt you put others in danger of being
traumatized by your death.
SaSW, Willem
--
Disclaimer: I am in no way responsible for any of the statements
made in the above text. For all I know I might be
drugged or something..
No I'm not paranoid. You all think I'm paranoid, don't you !
#EOT
Aug 11 '08 #48
Willem wrote:
Antoninus Twink wrote:
) Usually these "complaints " are just the observation
Suppose you're driving
Please don't feed the troll.

Brian
Aug 11 '08 #49
Willem said:
Antoninus Twink wrote:
) Usually these "complaints " are just the observation that
) self-determination is a pretty fundamental liberty that we should have
) in a free society. The state has *no damn business* telling me what I
) should or shouldn't do in the privacy of my own car, when it doesn't
) affect anyone's safety but my own.

Suppose you're driving along and an oncoming car suddenly veers ondy your
lane, hitting you head-on. Wearing a seatbelt would save your life, but
that is your choice, right ? You're the only one harmed by not wearing
it, right ?

Wrong.

The person driviong that other car would, if you were killed, have the
very traumatic experience of having caused your death, as opposed to just
causing you some injuries had you worn your seatbelt.
They might also suffer the even more traumatic experience of having you
smash through their windscreen, injuring or even killing them.
So by choosing not to wear your seatbelt you put others in danger of
being traumatized by your death.
And possibly their own.

--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999
Aug 11 '08 #50

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

101
3313
by: Bill Cunningham | last post by:
I read an article in a book about Perl and Common Gateway Interface and it mentioned C. It said that C could damage your computer. I don't know wether it meant the standard or compiler issuses. I was a little upset. Well more upset. I sent Dennis Ritchie and email. I don't know if he'll respond if he gets it. Sometimes he does sometimes not....
1
2820
by: b83503104 | last post by:
When are they not consistent?
4
1295
by: cesark | last post by:
Hi ! I have important doubts about how to handle the security in asp.net vb.net web forms. Somebody can help me? 1. If you have setting ‘validateRequest=true’ in .net framework1.1, What can do you do to improve the security? Because although you have validations on server side you can enter dangerous characters in a text field, with the...
302
18427
by: Lee | last post by:
Hi Whenever I use the gets() function, the gnu c compiler gives a warning that it is dangerous to use gets(). Is this due to the possibility of array overflow? Is it correct that the program flow can be altered by giving some specific calculated inputs to gets()? How could anyone do so once the executable binary have been generated? I...
6
7443
by: Brendan | last post by:
Hi, I'm trying to mimic the IPC/messaging system of an specific OS in a portable way by using GCC's library. The IPC system uses buffered asynchronous messages, where any thread can send a message to any other thread (i.e. to the "threadID") without blocking, and the receiver does any security checks necessary. I'm trying to implement...
10
9310
by: lovecreatesbea... | last post by:
C stops the conversion from (char **) to (const char **). c-faq.com sec 11.10 has explanation on this point. But, for example, even the conversion from (char *) to (const char *) brings the same dangerous as in the previous conversion. Why the latter simple but dangerous one is allowed in C? $ cat f1.c int main(void) { const char c...
6
3570
by: Thomas.li | last post by:
Hi, I want to convert CString to LPBYTE like LPBYTE lpByte = (BYTE*)(LPCTSTR)cstring; is it very dangerous to do that?
0
7912
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7839
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
1
7959
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8216
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
1
5710
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
5390
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
1
2345
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
1
1449
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
1180
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.