Re: Hi I have some hopefully basic questions

From: Attila Feher (
Date: 10/05/04

Date: Tue, 5 Oct 2004 14:41:59 +0300

Alwyn wrote:
> In article <>, Francis Glassborow
> <> wrote:
>> And the C Standards committee is currently working on a Technical
>> Report to add a whole bunch of functions to enable safer programming.
> One just hopes compiler vendors will embrace them in a timely manner.
> So far, very few, if any, have adopted all the features of C99.

Actually one well known[TM] compiler vendor suggested those changes, based
on existing implementation. If my memory does not fail.

>> For the record gets() is a major source of buffer overrun exploits.
> I'm sure it is, but I'm also pretty sure it's not the only one.
> However, the point is taken that 100% safe usage of 'gets' is
> impossible, as one has no way of knowning what the size of the input
> is going to be.

And just quietly: any overflow can result in buffer overruns. For example
when ptrdiff_t is used for indexing structures, and it happens to become

Attila aka WW