3
Contributors
2
Replies
3
Views
10 Years
Discussion Span
Last Post by Salem
0

Would those functions protect from integer overflows/underflows

yes -- did you read those links you posted?

AND format string attacks?

:?: are we playing packman game here?

2. What about strings?
Does a simple use of fgets protect from buffer overflows AND format string attacks?

buffer overflows -- yes. Again, I don't know what a "string attack" is.

0

> Does a simple use of fgets protect from buffer overflows
Only so long as you're honest about the size of your buffer.

char buff[10];
fgets( buff, 100, stdin );

Isn't any better than gets()
OK, it's limited damage compared to gets(), but it's still a hell of a lot worse than no damage at all.

> AND format string attacks?
fgets() doesn't use format strings, so it's not an issue.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.