scanf (yes/no) - doesn't work + deprecation errorsscanf,fopenetc.

scanf (yes/no) - doesn't work + deprecation errorsscanf,fopenetc.

Post by Douglas A. » Sun, 26 Feb 2006 09:54:53



Nor benefit.
It would actually cause new problems due to removal of the
declaration from <stdio.h>.
Specification of an interface in the standard doesn't imply
blessing its use in contexts where it isn't appropriate;
if it did, we'd have to remove all the interfaces.
Further, so long as it is easy to find the specification for
gets(), it can readily be used as an example when teaching
student programmers about overrun issues, so it might make
a positive net contribution to safer programming.
Certainly, anyone using gets() where it could pose a safety
problem (which contrary to trendy claims is *not* everywhere)
must be so oblivious to the relevant issues that even the
(unlikely) total ansence of the function from his development
environment wouldn't make him an appreciably safer programmer.
 
 
 

scanf (yes/no) - doesn't work + deprecation errorsscanf,fopenetc.

Post by kuype » Sun, 26 Feb 2006 10:56:32


It would cause certain programs to fail at compile time that should
fail. I don't see that as a seriouis problem, particularly since the
function will always be available as non-standard extension, even if it
is someday removed from the standard library.


No, but it implies, in this case falsely, that there are at least some
contexts where it is appropriate. You can put together contrived cases
where gets() is actually safe, but there are none where it's
appropriate, when fgets() is available.


It's close enough to everywhere. While there are non-portable ways in
which a program can have sufficient control over it's standard input to
allow safe use of gets(), the standard should mainly be concerned with
the needs of portable code, where no such control is possible.


It would make his programs marginally safer. In the absence of good
reasons for not doing it, even that marginal improvement would still be
worthwhile.

 
 
 

scanf (yes/no) - doesn't work + deprecation errorsscanf,fopenetc.

Post by Keith Thom » Sun, 26 Feb 2006 11:20:46

"Douglas A. Gwyn" < XXXX@XXXXX.COM > writes:


Obviously, I disagree.

Prior to the ANSI standard, strdup() was commonly part of the C
library, right? Why did the C89 standard include gets() but not
strdup()? If gets() had been dropped from the standard back in 1989,
would that have been a bad thing; would you have (or did you) argue
for including it?

--
Keith Thompson (The_Other_Keith) XXXX@XXXXX.COM < http://www.yqcomputer.com/ ~kst>
San Diego Supercomputer Center <*> < http://www.yqcomputer.com/ ~kst>
We must do something. This is something. Therefore, we must do this.
 
 
 

scanf (yes/no) - doesn't work + deprecation errorsscanf,fopenetc.

Post by Micah Cowa » Sun, 26 Feb 2006 11:48:16

"Douglas A. Gwyn" < XXXX@XXXXX.COM > writes:

^^^^^^

"You keep using that word. I do not think it means what you think it
means."

You also keep talking about the fact that it is not truly impossible
to use gets() safely (given certain nonportable situations). While
this may be literally true, I strongly suspect that we could count the
number of totally safe usages using our hands. Even when it really
/is/ safe, the *huge* majority of safety-conscious coders will /still/
refuse to use it. I expect that the safe use of it is so incredibly
rare, you're worrying about nothing.

In any case, as has already been pointed out by more than one person,
simply removing it from the Standard is certainly /not/ going to
"suddenly break" all the existing legacy code.

The changes from C90 to C99 were /far/ more likely to break migrated
code than the removal of gets() would be.