Is it safe to use getchar() and putchar()










0














I've been told that I should use fgets and sscanf instead of scanf and I'm just wondering if there are any problems associated with getchar() and putchar() that are similar to the problems with scanf.










share|improve this question


























    0














    I've been told that I should use fgets and sscanf instead of scanf and I'm just wondering if there are any problems associated with getchar() and putchar() that are similar to the problems with scanf.










    share|improve this question
























      0












      0








      0







      I've been told that I should use fgets and sscanf instead of scanf and I'm just wondering if there are any problems associated with getchar() and putchar() that are similar to the problems with scanf.










      share|improve this question













      I've been told that I should use fgets and sscanf instead of scanf and I'm just wondering if there are any problems associated with getchar() and putchar() that are similar to the problems with scanf.







      c






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 10 at 22:52









      HoneyBunchers

      133




      133






















          2 Answers
          2






          active

          oldest

          votes


















          0














          no since getchar and putchar (unlike gets, scanf, fgets) use char types, not char *, so there's no risk of buffer overflow since there's no buffer (there is a buffer since I/O is buffered, but you don't control its size and it's properly managed by the C library)



          Be careful when using them in a loop not to recreate security issues in your own code, the ones that you wanted to avoid.



          If your goal is to read a string using getchar, you'll have to create a loop to store characters. If you aren't careful, you could end up with the same kind of buffer overflow issues. The problem has just moved somewhere else in your code.






          share|improve this answer




























            1














            The main problem with scanf is that it's pattern language doesn't always allow enough control, particularly if you want to restrict input to a line-oriented format. A secondary problem, which can be overcome by specifying size limits, is that by default string fields are of unlimited size and can therefore overflow their destination buffers.



            getchar does not suffer from either of those issues,, for reasons which I hope are obvious.






            share|improve this answer




















              Your Answer






              StackExchange.ifUsing("editor", function ()
              StackExchange.using("externalEditor", function ()
              StackExchange.using("snippets", function ()
              StackExchange.snippets.init();
              );
              );
              , "code-snippets");

              StackExchange.ready(function()
              var channelOptions =
              tags: "".split(" "),
              id: "1"
              ;
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function()
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled)
              StackExchange.using("snippets", function()
              createEditor();
              );

              else
              createEditor();

              );

              function createEditor()
              StackExchange.prepareEditor(
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader:
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              ,
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              );



              );













              draft saved

              draft discarded


















              StackExchange.ready(
              function ()
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53244213%2fis-it-safe-to-use-getchar-and-putchar%23new-answer', 'question_page');

              );

              Post as a guest















              Required, but never shown

























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              0














              no since getchar and putchar (unlike gets, scanf, fgets) use char types, not char *, so there's no risk of buffer overflow since there's no buffer (there is a buffer since I/O is buffered, but you don't control its size and it's properly managed by the C library)



              Be careful when using them in a loop not to recreate security issues in your own code, the ones that you wanted to avoid.



              If your goal is to read a string using getchar, you'll have to create a loop to store characters. If you aren't careful, you could end up with the same kind of buffer overflow issues. The problem has just moved somewhere else in your code.






              share|improve this answer

























                0














                no since getchar and putchar (unlike gets, scanf, fgets) use char types, not char *, so there's no risk of buffer overflow since there's no buffer (there is a buffer since I/O is buffered, but you don't control its size and it's properly managed by the C library)



                Be careful when using them in a loop not to recreate security issues in your own code, the ones that you wanted to avoid.



                If your goal is to read a string using getchar, you'll have to create a loop to store characters. If you aren't careful, you could end up with the same kind of buffer overflow issues. The problem has just moved somewhere else in your code.






                share|improve this answer























                  0












                  0








                  0






                  no since getchar and putchar (unlike gets, scanf, fgets) use char types, not char *, so there's no risk of buffer overflow since there's no buffer (there is a buffer since I/O is buffered, but you don't control its size and it's properly managed by the C library)



                  Be careful when using them in a loop not to recreate security issues in your own code, the ones that you wanted to avoid.



                  If your goal is to read a string using getchar, you'll have to create a loop to store characters. If you aren't careful, you could end up with the same kind of buffer overflow issues. The problem has just moved somewhere else in your code.






                  share|improve this answer












                  no since getchar and putchar (unlike gets, scanf, fgets) use char types, not char *, so there's no risk of buffer overflow since there's no buffer (there is a buffer since I/O is buffered, but you don't control its size and it's properly managed by the C library)



                  Be careful when using them in a loop not to recreate security issues in your own code, the ones that you wanted to avoid.



                  If your goal is to read a string using getchar, you'll have to create a loop to store characters. If you aren't careful, you could end up with the same kind of buffer overflow issues. The problem has just moved somewhere else in your code.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Nov 10 at 22:58









                  Jean-François Fabre

                  100k954109




                  100k954109























                      1














                      The main problem with scanf is that it's pattern language doesn't always allow enough control, particularly if you want to restrict input to a line-oriented format. A secondary problem, which can be overcome by specifying size limits, is that by default string fields are of unlimited size and can therefore overflow their destination buffers.



                      getchar does not suffer from either of those issues,, for reasons which I hope are obvious.






                      share|improve this answer

























                        1














                        The main problem with scanf is that it's pattern language doesn't always allow enough control, particularly if you want to restrict input to a line-oriented format. A secondary problem, which can be overcome by specifying size limits, is that by default string fields are of unlimited size and can therefore overflow their destination buffers.



                        getchar does not suffer from either of those issues,, for reasons which I hope are obvious.






                        share|improve this answer























                          1












                          1








                          1






                          The main problem with scanf is that it's pattern language doesn't always allow enough control, particularly if you want to restrict input to a line-oriented format. A secondary problem, which can be overcome by specifying size limits, is that by default string fields are of unlimited size and can therefore overflow their destination buffers.



                          getchar does not suffer from either of those issues,, for reasons which I hope are obvious.






                          share|improve this answer












                          The main problem with scanf is that it's pattern language doesn't always allow enough control, particularly if you want to restrict input to a line-oriented format. A secondary problem, which can be overcome by specifying size limits, is that by default string fields are of unlimited size and can therefore overflow their destination buffers.



                          getchar does not suffer from either of those issues,, for reasons which I hope are obvious.







                          share|improve this answer












                          share|improve this answer



                          share|improve this answer










                          answered Nov 10 at 23:01









                          rici

                          151k19131196




                          151k19131196



























                              draft saved

                              draft discarded
















































                              Thanks for contributing an answer to Stack Overflow!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid …


                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.

                              To learn more, see our tips on writing great answers.





                              Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                              Please pay close attention to the following guidance:


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid …


                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.

                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function ()
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53244213%2fis-it-safe-to-use-getchar-and-putchar%23new-answer', 'question_page');

                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              Top Tejano songwriter Luis Silva dead of heart attack at 64

                              政党

                              天津地下鉄3号線