This is C.

1. My question is how would I read in an integer securely from stdin.

I saw the following snippets:
http://www.daniweb.com/code/snippet441.html
http://www.daniweb.com/code/snippet597.html

Would those functions protect from integer overflows/underflows AND format string attacks?


2. What about strings?
Does a simple use of fgets protect from buffer overflows AND format string attacks?

Would those functions protect from integer overflows/underflows

yes -- did you read those links you posted?

AND format string attacks?

:?: are we playing packman game here?

2. What about strings?
Does a simple use of fgets protect from buffer overflows AND format string attacks?

buffer overflows -- yes. Again, I don't know what a "string attack" is.

> Does a simple use of fgets protect from buffer overflows
Only so long as you're honest about the size of your buffer.

char buff[10];
fgets( buff, 100, stdin );

Isn't any better than gets()
OK, it's limited damage compared to gets(), but it's still a hell of a lot worse than no damage at all.

> AND format string attacks?
fgets() doesn't use format strings, so it's not an issue.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.