...
The gets_s() function reads, at most, one less than the number of characters specified from the stream pointed to by stdin into an array.
The C Standard, Annex K 3.5.4.1 paragraph 4 [ISO/IEC 9899:20112024], states
No additional characters are read after a new-line character (which is discarded) or after end-of-file. The discarded new-line character does not count towards number of characters read. A null character is written immediately after the last character read into the array.
...
In this compliant solution, characters are no longer copied to buf once index == BUFFERSIZE - 1, leaving room to null-terminate the string. The loop continues to read characters until the end of the line, the end of the file, or an error is encountered. When chars_read > index truncated == true, the input string has been truncated.
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h>
enum { BUFFERSIZE = 32 };
void func(void) {
char buf[BUFFERSIZE];
int ch;
size_t index = 0;
size_t chars_readbool truncated = 0false;
while ((ch = getchar()) != '\n' && ch != EOF) {
if (index < sizeof(buf) - 1) {
buf[index++] = (char)ch;
} else {
truncated = chars_read++;true;
}
}
buf[index] = '\0'; /* Terminate string */
if (ch == EOF) {
/* Handle EOF or error */
}
if (chars_read > indextruncated) {
/* Handle truncation */
}
}
|
...
| [Dowd 2006] | Chapter 7, "Program Building Blocks" ("Loop Constructs," pp. 327–336) |
| [Drepper 2006] | Section 2.1.1, "Respecting Memory Bounds" |
| [ISO/IEC 9899:20112024] | K.3.5.4.1, "The gets_s Function" |
| [Lai 2006] | |
| [NIST 2006] | SAMATE Reference Dataset Test Case ID 000-000-088 |
| [Seacord 2013b] | Chapter 2, "Strings" |
| [xorl 2009] | FreeBSD-SA-09:11: NTPd Remote Stack Based Buffer Overflows |
[BC] | New Linux SUDO flaw lets local users gain root privileges |
...