tech-userlevel: Re: proposal: disable *printf %n specifier in libc in NetBSD 1.5

Subject: Re: proposal: disable *printf %n specifier in libc in NetBSD 1.5
To: =?ISO-8859-2?Q?Jarom=EDr_Dole=E8ek?= <dolecek@ibis.cz>
From: Zdenek Salvet <salvet@ics.muni.cz>
List: tech-userlevel
Date: 09/13/2000 23:31:52

> Agreed. Using gets() can never be safe. 

False, there is no requirement that stdin must be used only for unsafe
(nonvalidated) data.  My_process1 | my_process2 etc.

> Standardizing this lousy
> function was one of serious mistakes of ANSI C.

Standardizing of crash_computer() would be serious mistake, but gets()
is not a problem. Nobody is forced to use it and it can't do anything
that could not be done without gets().

-- 
Zdenek Salvet                                              salvet@ics.muni.cz 
Ustav vypocetni techniky Masarykovy univerzity, Brno
tel.: ++420-5-41 512 257                           fax: ++420-5-41 212 747
----------------------------------------------------------------------------
         God isn't dead, He's just trying to avoid the draft.