[TriLUG] a C question (overkill)

Greg Brown gregbrown at mindspring.com
Wed Oct 23 12:33:43 EDT 2002 

Yes, yes... this is excellent.  I will read the FAQ of comp.lang.c as well as 
digest this program to see what you've done and how.

I love this list!

Thanks!

Greg


On Wednesday 23 October 2002 10:58 am, you wrote:
> Here is the overkill version of your program.  It checks for buffer
> overflow and shows two way to get the text into the program.
>
> #include <stdio.h>				/* needed for file input and output			*/
> #include <stdlib.h>				/* needed for malloc and free if you use them		*/
>
> #define STR_LENGTH	256			/* define the maximum string input length		*/
>
> #define ALLOC_MEM	1			/* comment this line out if you want to avoid
> malloc	*/
>
> int main(int argc, char *argv[])		/* do not worry about argc and argv at
> this time	*/
> {
> #ifdef ALLOC_MEM					/* only one text variable will be used		*/
> 	char			*text;			/* Folks will argue which way is better		*/
> 							/* this way leaves the stack small, which is	*/
> 							/* good for debuging.  Stack overflows can be	*/
> 							/* hard to find.				*/
> #else
> 	char			text[STR_LENGTH];	/* in this small of a progam it does not
> matter	*/ /* if you use the stack, but you may get into	*/
> 							/* bad habits.					*/
> #endif
>
> 	int			fav_num;		/* integer variable for your input integer	*/
> 	char			*ret_str;		/* string returned from fgets function		*/
> 	int			ret_int;		/* number of fields converted from sscanf	*/
>
> #ifdef ALLOC_MEM
> 	text = malloc(STR_LENGTH);		/* get the memory for the text input
> variable	*/ if (text == NULL)			/* check to make sure you got your
> memory	*/
> 	{
> 		fprintf(stderr, "Could not get the memory for some odd reason.\n");
> 		exit(-1);
> 	}
> #endif
>
> 	printf("What is your favorite number?\n");	/* prompt the user to enter a
> number	*/
> 	ret_str = fgets(text, STR_LENGTH, stdin);	/* get the input string, limit
> the input to STR_LENGTH	*/
> 							/* characters this will solve buffer overflow problems	*/
> 	if (ret_str == NULL)				/* check for nothing entered		*/
> 	{
> 		fprintf(stderr, "Could not read input string for some odd reason\n");
> 		exit(-2);
> 	}
>
> 	ret_int = sscanf(text, "%d", &fav_num);		/* take the input string and read
> the first field as an integer	*/
> 	if (ret_int != 1)
> 	{
> 		fprintf(stderr, "You did not input a integer as the first part of the
> input string.\n");
> 		exit(-3);
> 	}
>
> 	printf("\n\nYour favorite number is %d\n\n", fav_num);
>
> #ifdef ALLOC_MEM					/* free memory from text input for other use	*/
> 	free(text);					/* some say you should do this, but when the 	*/
> 							/* program ends the OS will do it for you	*/
> #endif
>
> 	return(0);
> }
> ___________________________________________________________________________
>_ P. L. Charles Fischer                                     
> fischer at zedec.com VOX: 919.465.2306	800.894.0058
> ZEDEC Technologies                                         FAX:
> 919.465.2309
> ___________________________________________________________________________
>_
>
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html

More information about the TriLUG mailing list