Path: utzoo!attcan!uunet!husc6!cmcl2!adm!smoke!gwyn From: gwyn@smoke.BRL.MIL (Doug Gwyn ) Newsgroups: comp.lang.c Subject: Re: retiring gets(3) Message-ID: <8876@smoke.BRL.MIL> Date: 14 Nov 88 07:21:50 GMT References: <8841@smoke.BRL.MIL> <1988Nov11.232629.15414@utstat.uucp> Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) ) Organization: Ballistic Research Lab (BRL), APG, MD. Lines: 50 In article <1988Nov11.232629.15414@utstat.uucp> geoff@utstat.uucp (Geoff Collyer) writes: >> From: gwyn@smoke.BRL.MIL (Doug Gwyn ) >> gets() is deliberately required for ANSI C standard conformance because >> a LOT of existing code relies on it. >That's the whole point, Doug. People *should* fix their existing code; >it's unsafe. Bullshit. When I use gets() I use it safely. >> Any vendor who omits this function >> will not be standard conforming and will not sell its compiler to those >> (expected to be MANY customers) who specify standard conformance. >Once the standards are changed, their code *will* be standard-conforming. The standard is not going to change. This proposal has been debated and rejected by X3J11 on more than one occasion. (See my first sentence quoted above.) >> Even if your philosophy is right, you should get others to go along with >> it BEFORE trying to force them to conform to it. >That's what I'm trying to do now: get people to agree, and then act on >that agreement. It has already been tried, and failed. >> By the way, have you removed scanf() from your C library as well? Or >> sprintf()? Or strcpy()? They can be misused in the same way as gets(). >No, I have not; all of these functions *can* be used safely, though it >does take a little extra care. The point is that gets() *can* *not* be >used safely; a dedicated opponent can *always* defeat a program that >reads with gets(). I already said "bullshit" to this so I need not repeat it here. gets() has legitimate uses. It is in the library Base Document. It is widely used in existing code (sometimes safely, sometimes not). It stays. You seem to want to protect the programmer who is too stupid to protect himself. This is a dangerous thing to attempt where C is concerned. My god, pointers can really be abused -- maybe we better get rid of them too. The right thing to do, as I said before, is to eductae craftsmen in the proper use of their tools so they don't hurt themselves or their customers.