Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 31
- There are several potential problems with this code.
- First, it assumes a tty environment. That may be fine if
- the assumption is true, but what if this code is called
- from a GUI environment where neither stderr nor
- stdin is open ?
- Second, there is the problematic gets, which will write
- as many characters as it receives into the buffer
- passed in. Malicious users have used this failing to
- create buffer overrun security holes in many different
- systems. Never use gets().
- Third, the code assumes the user understands English.
- Finally, no one in their right mind would ever bury user
- interaction such as this in a library routine
- 32
- POSIX strcpy isn't guaranteed to work for
- overlapping strings. It might happen to work on some
- architectures, but only by coincidence
- 33
- It won't work in an applet context with security
- restrictions against writing to the local disk. Again,
- when you have a choice of running in GUI contexts or
- not, you may want to check dynamically to see what
- the current environment is like. In this case, you may
- want to put a log file somewhere other than the local
- disk if it isn't accessible.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement