书本上奇怪的程序

C、C++和Java语言
回复
w3484732
帖子: 36
注册时间: 2007-05-11 19:48
来自: 湖北襄樊
送出感谢: 0
接收感谢: 0
联系:

书本上奇怪的程序

#1

帖子 w3484732 » 2008-06-30 20:40

书上列出一个程序:
/*ex02-05.c*/
#include<stdio.h>
#include<string.h>
int main(void)
{
char buffer[256];

printf("Enter your name and press<Enter>:\n");
gets(buffer);

printf("\nYour name has %d characters and spaces!",
strlen(buffer));

return 0;
}
但是我用gcc编译此程序时gcc出现:
wangxuyuan@wangxuyuan-laptop:~$ gcc 2.6.5.c -o 1111
/tmp/ccFt2gvY.o: In function `main':
2.6.5.c:(.text+0x35): warning: the `gets' function is dangerous and should not be used.
wangxuyuan@wangxuyuan-laptop:~$ gcc 1111.c -o 11111
/tmp/cchUaoXK.o: In function `main':
1111.c:(.text+0x35): warning: the `gets' function is dangerous and should not be used.
wangxuyuan@wangxuyuan-laptop:~$ gcc 1111.c -o 11111
/tmp/cciQnJim.o: In function `main':
1111.c:(.text+0x35): warning: the `gets' function is dangerous and should not be used.
wangxuyuan@wangxuyuan-laptop:~$ gcc 1111.c -o 11111
/tmp/ccH34uXW.o: In function `main':
1111.c:(.text+0x35): warning: the `gets' function is dangerous and should not be used.
wangxuyuan@wangxuyuan-laptop:~$ gcc 1111.c -o 11111
/tmp/ccOtLpDD.o: In function `main':
1111.c:(.text+0x35): warning: the `gets' function is dangerous and should not be used.
wangxuyuan@wangxuyuan-laptop:~$
每回编译时提示是不一样的,在此程序是没有经过改变的!
这是怎么回事阿?????能给解释一下么?
头像
upsuper
帖子: 361
注册时间: 2008-06-08 13:31
来自: 福州
送出感谢: 0
接收感谢: 1 次
联系:

#2

帖子 upsuper » 2008-06-30 20:53

/tmp/*.o 都是临时文件,本身就是随机生成的文件名
头像
牙签儿
帖子: 509
注册时间: 2007-06-30 0:27
送出感谢: 0
接收感谢: 1 次

#3

帖子 牙签儿 » 2008-06-30 22:27

只是个警告而而已,程序是可以正确运行的。这里有说明:http://bytes.com/forum/thread710231.html
flyinflash
帖子: 2376
注册时间: 2006-09-21 14:28
送出感谢: 0
接收感谢: 0

#4

帖子 flyinflash » 2008-07-02 1:42

http://wiki.ubuntu.org.cn/index.php?tit ... iant=zh-cn

代码: 全选

man gets
GETS(3) Linux Programmer’s Manual GETS(3)
...
Never use gets(). Because it is impossible to tell without knowing the data in advance how many charac‐
ters gets() will read, and because gets() will continue to store characters past the end of the buffer,
it is extremely dangerous to use. It has been used to break computer security. Use fgets() instead.
...
1991 年,一个骇客利用 gets 溢出编写了一个蠕虫,曾轰动一时。

应使用 fgets 代替 gets

代码: 全选

...
//       char *fgets(char *s, int size, FILE *stream);
fgets(buffer, 256, stdin);
...
回复

回到 “C/C++/Java”