Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Error need help
Top Forums Programming Error need help Post 302079987 by Corona688 on Friday 14th of July 2006 10:46:56 AM
Old 07-14-2006
Without seeing util.c I can't know what it's using gets for. gets reads a string from standard input, storing it as a character array terminated by a NULL character.

The problem with gets is that it takes an unlimited amount of input. It does not know how much space is available in the buffer. For instance:
Code:
#include <stdio.h>
int main()
{
  char buf[16];
  gets(buf);
  printf("You typed %s\n",buf);
  return(0);
}

If I typed "486193474587130958712057190856714890651618476" and hit enter, it would dump that entire string into that buffer of 16 bytes, which obviously isn't large enough to hold it. The remainder of it would get crammed into whatever bytes of memory trail after the buffer, which may be unused, or used for other variables, or part of the call stack, etc. When overflows like this happen they can be VERY hard to debug since by nature buffer overflows overwrite memory they're not supposed to. It's also a security risk -- if someone knows there's a buffer they can overflow, they can write to variables after it in memory, setting them to whatever values they want!

This is much safer:
Code:
#include <stdio.h>

int main()
{
  char buf[16];
  fgets(buf,16,stdin);
  printf("You typed %s\n",buf);
  return(0);
}

This will not overflow the buffer, it will only read a maximum of 15 bytes.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Error: Internal system error: Unable to initialize standard output file

Hey guys, need some help. Running AIX Version 5.2 and one of our cron jobs is writing errors to a log file. Any ideas on the following error message. Error: Internal system error: Unable to initialize standard output file I'm guessing more info might be needed, so let me know. Thanks (2 Replies)
Discussion started by: firkus
2 Replies

2. UNIX for Dummies Questions & Answers

awk Shell Script error : "Syntax Error : `Split' unexpected

hi there i write one awk script file in shell programing the code is related to dd/mm/yy to month, day year format but i get an error please can anybody help me out in this problem ?????? i give my code here including error awk ` # date-month -- convert mm/dd/yy to month day,... (2 Replies)
Discussion started by: Herry
2 Replies

3. UNIX for Advanced & Expert Users

VSI-FAX error - Cannot login to server and Connecto error to host

I encounters a VSIFAX related error: vfxstat: Cannot login to server on rsac3: Connect error to host 172.16.1.45: Invalid argument It started happening last night with a core dump. Then we can't start VSIFAX again. I am runing VSI-FAX 4.2 on AIX box (0 Replies)
Discussion started by: b_jin
0 Replies

4. AIX

nim mksysb error :/usr/bin/savevg[33]: 1016,07: syntax error

-------------------------------------------------------------------------------- Hello, help me please. I am trying to create a mksysb bakup using nim. I am geting this error, how to correct it ? : Command : failed stdout: yes stderr: no... (9 Replies)
Discussion started by: astjen
9 Replies

5. Solaris

fssnap error :snapshot error: File system could not be write locked

Hi Guys. This is part of my filesystem structure : Filesystem size used avail capacity Mounted on /dev/md/dsk/d0 47G 5.2G 42G 12% / /devices 0K 0K 0K 0% /devices ctfs 0K 0K 0K 0% ... (2 Replies)
Discussion started by: aggadtech08
2 Replies

6. UNIX for Advanced & Expert Users

ssh error: Error reading response length from authentication socket

Hi - I am getting the error `Error reading response length from authentication socket' when I ssh from my cluster to another cluster, and then back to my cluster. It doesn't seem to affect anything, but it's just annoying that it always pops up and tends to confuse new users of the cluster. I... (1 Reply)
Discussion started by: cpp6f
1 Replies

7. UNIX for Dummies Questions & Answers

> 5 ")syntax error: operand expected (error token is " error

im kinda new to shell scripting so i need some help i try to run this script and get the error code > 5 ")syntax error: operand expected (error token is " the code for the script is #!/bin/sh # # script to see if the given value is correct # # Define errors ER_AF=86 # Var is... (4 Replies)
Discussion started by: metal005
4 Replies

8. Shell Programming and Scripting

What is this error log = hda: irq timeout: error=0x00 and how to solve?

what is this error log = hda: irq timeout: error=0x00 and how to solve? every day upon checking the logs i see this error. hda: irq timeout: error=0x00 hda: irq timeout: error=0x00 hda: irq timeout: error=0x00 hda: irq timeout: error=0x00 hw_client: segfault at 0000000000000046 rip... (3 Replies)
Discussion started by: avtalan
3 Replies

9. Solaris

Rpcinfo: can't contact portmapper: RPC: Authentication error; why = Failed (unspecified error)

I have two servers with a fresh install of Solaris 11, and having problems when doing rpcinfo between them. There is no firewall involved, so everything should theoretically be getting through. Does anyone have any ideas? I did a lot of Google searches, and haven't found a working solution yet. ... (2 Replies)
Discussion started by: christr
2 Replies

10. UNIX for Beginners Questions & Answers

Print Error in Console and both Error & Output in Log file - UNIX

I am writing a shell script with 2 run time arguments. During the execution if i got any error, then it needs to redirected to a error file and in console. Also both error and output to be redirected to a log file. But i am facing the below error. #! /bin/sh errExit () { errMsg=`cat... (1 Reply)
Discussion started by: sarathy_a35
1 Replies

LEARN ABOUT SUNOS

setbuf

setbuf(3C)						   Standard C Library Functions 						setbuf(3C)

NAME

       setbuf, setvbuf - assign buffering to a stream

SYNOPSIS

       #include <stdio.h>

       void setbuf(FILE *stream, char *buf);

       int setvbuf(FILE *stream, char *buf, int type, size_t size);

DESCRIPTION

       The  setbuf()  function	may  be  used  after the stream pointed to by stream (see intro(3)) is opened but before it is read or written. It
       causes the array pointed to by buf to be used instead of an automatically allocated buffer. If buf is the null pointer,	input/output  will
       be completely unbuffered.  The constant	BUFSIZ, defined in the <stdio.h> header, indicates the size of the array pointed to by buf.

       The  setvbuf()  function  may be used after a stream is opened  but before it is read or written.  The type argument determines how  stream
       will be buffered. Legal values for  type (defined in <stdio.h>) are:

       _IOFBF	       Input/output to be fully buffered.

       _IOLBF	       Output to be line buffered;  the buffer will be flushed when a NEWLINE  is  written,  the  buffer  is  full,  or  input	is
		       requested.

       _IONBF	       Input/output to be completely unbuffered.

       If  buf is not the null pointer, the array it points to will be used for buffering, instead of an automatically allocated buffer.  The size
       argument specifies the size of the buffer to be used. If input/output is unbuffered,  buf and  size are ignored.

       For a further discussion of buffering, see stdio(3C).

RETURN VALUES

       If an illegal value for	type is provided, setvbuf() returns a non-zero value.	Otherwise, it returns 0.

USAGE

       A common source of error is allocating buffer space as an "automatic" variable in a code block, and then failing to close the stream in the
       same block.

       When  using  setbuf(), buf should always be sized using BUFSIZ. If the array pointed to by buf is larger than BUFSIZ, a portion of buf will
       not be used.  If buf is smaller than BUFSIZ, other memory may be unexpectedly overwritten.

       Parts of buf will be used for internal bookkeeping of the stream and, therefore, buf will contain less than size bytes  when  full.  It	is
       recommended that  stdio(3C) be used to handle buffer allocation when using setvbuf().

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Standard			   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |MT-Safe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       fopen(3C), getc(3C), malloc(3C), putc(3C), stdio(3C), attributes(5), standards(5)

SunOS 5.10							    14 Aug 2002 							setbuf(3C)
All times are GMT -4. The time now is 02:29 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy