If you used it once, saw the warning and kept using it, you’re making a mistake.
Buffer overflow
The function gets()
receives a variable that functions as a buffer. That is, a variable is created and passed to the function that will put a value on it. When the variable is created it has a specific size. This function has no measure to ensure that the value does not exceed the variable size. The C language itself lacks mechanisms that guarantee the limit of the size of the object contained in the variable.
The bursting of buffer occurs when the value obtained (in device reading) is greater than the size reserved for the variable. So the function writes in an area that’s reserved for something else. Being able to write where it shouldn’t it allows the execution to be tampered with and the code ends up doing something unexpected, opening security gaps.
The "hackers" take advantage of this failure to send data that they know will overwrite memory improperly. Understanding the memory positions that the application will be using in a given situation it can send a code or modify a data that will execute an improper code that is not part of the expected functioning in the application, such as enabling a login even without a correct password.
Solution
The great advantage of the function fgets()
and other similar is that one of its parameters says the size of the buffer and the function ensures that it will not exceed this limit, even if the value it is receiving is higher. This way the data cannot interfere in other areas of memory.
Other hazardous functions
Also be careful with (follow the "safe" alternative already existing in the standard):
strcpy()
-> strncpy()
strcat()
-> strncat()
strlen()
-> strnlen()
strcmp()
-> strncmp()
strdup()
-> strndup()
wcscpy()
-> wcsncpy()
wcslen()
-> wcsnlen()
sprintf()
-> snprintf()
Others that may be bad in some situations: - scanf()
, getwd()
, realpath()
atoi()
, memcpy()
, strtok()
,
Some of these functions have dangerous variations as well. Note that the alternative is not guaranteed safe, they only have a slightly better mechanism, they do not replace the correct use of them and additional checks.
Some are dangerous and prone to bursting buffer only if misused. A gets()
really is dangerous no matter what the programmer does.
Obviously I don’t venture to say that this is a complete list.
The wikipedia article seems to me quite complete. (The Portuguese version also has plenty of content if you prefer)
– hugomg
But I prefer the answer to be here, rsrs.
– Wallace Maxters