README update, warning.c commenting
This commit is contained in:
parent
9e52cac031
commit
17d671e908
|
@ -2,9 +2,15 @@
|
||||||
This Repository features C source code i wrote to learn c. Currently the most advanced program included is an
|
This Repository features C source code i wrote to learn c. Currently the most advanced program included is an
|
||||||
unfinished implementation of the huffman algorithm.
|
unfinished implementation of the huffman algorithm.
|
||||||
|
|
||||||
Some programs make use of outdated and unsafe functions such as gets() or scanf(), which **should never be used**.
|
Some programs make use of outdated and unsafe functions such as `gets()` or `scanf()`, which **should never be used**.
|
||||||
That is the case, because we were teached to use some of these in programming classes. Ideally, all uses
|
That is the case, because we were teached to use some of these in programming classes. Ideally, all uses
|
||||||
of these unsafe functions should include a comment explaining why this is bad and also include and implemented
|
of these unsafe functions should include a comment explaining why this is bad and also include and implemented
|
||||||
alternative, but that may not always be the case.
|
alternative, but that may not always be the case.
|
||||||
|
|
||||||
All code in this Repository was written on and for a Linux x86_64 system. It might not work on other systems.
|
All code in this Repository was written on and for a Linux x86_64 system. It might not work on other systems.
|
||||||
|
|
||||||
|
### Note:
|
||||||
|
|
||||||
|
`scanf()` is not inherently unsafe, but must be handled very careful and isn't recommended by most, so i have
|
||||||
|
chosen to classify it as unsafe. If you know exactly what you are doing using `scanf()` seems to be acceptable.
|
||||||
|
I consider the use of `scanf()` to be bad practice.
|
||||||
|
|
10
warning.c
10
warning.c
|
@ -2,8 +2,14 @@
|
||||||
|
|
||||||
int main(){
|
int main(){
|
||||||
char s[2];
|
char s[2];
|
||||||
// produce warning, char* s is too small for the following fgets instruction
|
/*
|
||||||
fgets(s, 10, stdin);
|
* The following line of code is unsafe. It writes up to 10 bytes into the char array 's', which is only
|
||||||
|
* 2 Bytes big. A Buffer Overflow can happen. I have chosen to keep that line, because i wanted a source
|
||||||
|
* file that produces a compiler warning when it is compiled. That is the true purpose of this file.
|
||||||
|
*
|
||||||
|
* a safe alternative would be: fgets(s, 2, stdin);
|
||||||
|
*/
|
||||||
|
fgets(s, 10, stdin); // UNSAFE
|
||||||
printf("%s\n",s);
|
printf("%s\n",s);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue