Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!ucsd!usc!apple!oliveb!tymix!tardis!jms
From: jms@tardis.Tymnet.COM (Joe Smith)
Newsgroups: comp.sys.amiga
Subject: Re: C scanf question
Summary: scanf dies on bogus input
Message-ID: <455@tardis.Tymnet.COM>
Date: 24 Jul 89 07:19:57 GMT
References: <20201@louie.udel.EDU>
Reply-To: jms@tardis.Tymnet.COM (Joe Smith)
Organization: McDonnell Douglas Field Service Co, San Jose CA
Lines: 22

In article <20201@louie.udel.EDU> MROBINSON@wash-vax.bbn.com writes:
>[Charles Brown made a comment that the scanf family was ill-suited to
> parsing lines]
>First, I can't see anything wrong with the original code. Then again, I
>don't know much about Lattice C. I use scanf a bit, though, and wanted to
>pass on some knowledge.

You forgot to pass on the most important reason for NOT using scanf.

If you have "char line[80]" and use fscanf(f,"%s",line), what happens if the
input has more than 80 consecutive characters without a tab, blank or newline?
The answer is that some poor variable in your program may be changed. And
if the input is several K of nonblanks, fscanf will cheerfully overwrite your
stack and maybe your entire program as well.

The only safe way to use the scanf family on untrustworthy data is to use
sscanf on a string read by fgets or equivalent.
--
Joe Smith (408)922-6220 | SMTP: JMS@F74.TYMNET.COM or jms@tymix.tymnet.com
McDonnell Douglas FSCO  | UUCP: ...!{ames,pyramid}!oliveb!tymix!tardis!jms
PO Box 49019, MS-D21    | PDP-10 support: My car's license plate is "POPJ P,"
San Jose, CA 95161-9019 | narrator.device: "I didn't say that, my Amiga did!"
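
An added example, not part of the post above: one way to apply the fgets-then-sscanf pattern it recommends, written in C. The names read_token and LINE_MAX_LEN, and the policy of rejecting (rather than truncating) an over-long line, are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define LINE_MAX_LEN 80   /* assumed: same size as the post's "char line[80]" */

/*
 * Read one line from f and copy its first whitespace-delimited token into
 * out, which must have room for LINE_MAX_LEN bytes.
 * Returns 1 on success, 0 on EOF, -1 if the line is over-long or blank.
 * An over-long line is consumed whole and rejected, never split in two.
 */
int read_token(FILE *f, char *out)
{
    char line[LINE_MAX_LEN];

    if (fgets(line, sizeof line, f) == NULL)
        return 0;                          /* EOF or read error */

    if (strchr(line, '\n') == NULL) {
        /* No newline in the buffer: either the last line of the file or
           fgets stopped at the size limit. Drain whatever remains. */
        int c, overflow = 0;
        while ((c = getc(f)) != EOF && c != '\n')
            overflow = 1;
        if (overflow)
            return -1;                     /* more than 79 characters */
    }

    /* line holds at most 79 characters plus NUL, so the token always fits;
       the explicit width keeps sscanf bounded regardless. */
    if (sscanf(line, "%79s", out) != 1)
        return -1;                         /* blank line */
    return 1;
}

int main(void)
{
    char tok[LINE_MAX_LEN];
    int rc;

    while ((rc = read_token(stdin, tok)) != 0) {
        if (rc == 1)
            printf("token: %s\n", tok);
        else
            fprintf(stderr, "rejected: line over-long or blank\n");
    }
    return 0;
}
```

Fed several kilobytes of nonblanks, the unbounded fscanf(f,"%s",line) call writes past line[80]; here fgets caps the read at 79 bytes and the rest of that line is discarded.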