Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C Programming > how to store strings of any length into an array of type char*?

Reply
Thread Tools

how to store strings of any length into an array of type char*?

 
 
Flash Gordon
Guest
Posts: n/a
 
      05-18-2005
http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> here's a sample code:
>
> int main()
> {
> char *array[SIZE][1];
>
> for(int i = 0; i < SIZE; i++)
> gets(a[i][0]);


Wrong for at *least* two reasons. One of which I am sure you have been
told before. a[i][0] has not been initialised, so where it points to is
completely random.

gets should never be used because there is no way to specify the buffer
size.

> for(i = 0; i < SIZE; i++){
> for(int j = 0; *(a[i][0] + j) != '\0'; j++)
> printf("%c", *(a[i][0] + j));
> printf("\n");
> }
> return 0;
> }
> when one enters strings (which may contain white spaces) one by one (of
> course, one has to define the constant SIZE first) then the program
> prints all the different strings of different lengths (the maximum
> length of any string is not specified in the code, and this is the
> point) one after another.
> a word of caution, though. this code runs fine on my Turbo C++ IDE
> (version 3.0) compiler but not on my Turbo C++ (version 4.5) compiler.
> so, yes, it may not run on all compilers.


As you were told with previous attempts. It might not work tomorrow. It
might not work later today. It might not work if you run it outside the
IDE. It might not work if you run a different program before running it.
If you are running a poor multi-tasking operating system such as Windows
9x, it might cause some *other* program to crash.

If you want to read a string of arbitrary length the *only* way to do it
is by reading it a bit at a time increasing the size of the buffer as
you go. People have written routines to do this such as, IIRC, ggets,
but they are *not* part of the C language and they do what I've just
described.
--
Flash Gordon
Living in interesting times.
Although my email address says spam, it is real and I read it.
 
Reply With Quote
 
 
 
 
Keith Thompson
Guest
Posts: n/a
 
      05-18-2005
CBFalconer <(E-Mail Removed)> writes:
[...]
> This code is fatally flawed. It is storing data via uninitialized
> pointers, and can do absolutely anything, including appearing to
> work. It also uses gets, which is always a fatal error, because it
> is uncontrollable. So even if you initialize the pointers behavior
> will remain undefined.


A small quibble:

The gets() function is dangerous, evil, and its mother dresses it
funny. It should never be used. But a call to gets() invokes
undefined behavior *only* if the input happens to overflow the buffer.

Behavior that's undefined only for certain inputs isn't much better
than behavior that's always undefined, but it's an important
distinction.

The one argument I've seen for keeping gets() in the language is that
it can be used safely *if* you have complete control over the contents
of stdin. For example, if the program is part of a system that
(though means outside the language) creates an input file and then
executes the program with stdin redirected from that file, with no
interactive user input, gets() can be used "safely".

--
Keith Thompson (The_Other_Keith) (E-Mail Removed) <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
 
Reply With Quote
 
 
 
 
Michael Wojcik
Guest
Posts: n/a
 
      05-19-2005

In article <(E-Mail Removed)>, Keith Thompson <(E-Mail Removed)> writes:
>
> The one argument I've seen for keeping gets() in the language is that
> it can be used safely *if* you have complete control over the contents
> of stdin. For example, if the program is part of a system that
> (though means outside the language) creates an input file and then
> executes the program with stdin redirected from that file, with no
> interactive user input, gets() can be used "safely".


It's still unsafe in that hypothetical design (without assuming
significant additional constraints), because it's vulnerable to
TOCTOU (Time of Creation versus Time of Use) attacks, for example.

If I understand correctly, you're not arguing for using gets even in
this sort of application, merely citing an argument you've seen
elsewhere, so this shouldn't be taken as anything more than a demon-
stration of why arguments for "safely using gets" require situations
so contrived that they're largely moot. In practice, even using gets
with "controlled" input is dangerous, because in practice it's very
hard to completely control input.

--
Michael Wojcik (E-Mail Removed)

Recently, they appeared at the reopening of the Brookdale Library,
luring passersby with the opportunity to be anonymously silly.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
501 PIX "deny any any" "allow any any" Any Anybody? Networking Student Cisco 4 11-16-2006 10:40 PM
How to generate k+1 length strings from a list of k length strings? Girish Sahani Python 17 06-09-2006 11:01 AM
How to store strings from a file into an array? Newbie Randy Lovelace C Programming 5 05-22-2005 05:03 AM
How to input strings of any lengths into arrays of type: char *array[SIZE] ? arkobose@gmail.com C Programming 7 05-15-2005 08:00 PM



Advertisments