scanf (yes/no) - doesn't work + deprecation errors scanf, fopen etc.

Discussion in 'C Programming' started by =?ISO-8859-1?Q?Martin_J=F8rgensen?=, Feb 16, 2006.

  1. Hi,

    Consider:
    ------------
    char stringinput[64]

    ..bla. bla. bla.

    do
    {
    printf("Write to result.txt (y/n)? ");
    scanf("%s", stringinput);
    }
    while (writechar != 'y' || != 'n');


    The compiler complaints. It says: error C2059: syntax error : '!='

    Another problem is that MS VS 2005 keeps complaining about deprecated
    commands such as:

    1. warning C4996: 'fscanf' was declared deprecated.......: see
    declaration of 'fscanf' - Message: 'This function or variable may be
    unsafe. Consider using fscanf_s instead. To disable deprecation, use
    _CRT_SECURE_NO_DEPRECATE. See online help for details.'

    2. warning C4996: 'scanf' was declared deprecated: see declaration of
    'scanf'... Message: 'This function or variable may be unsafe. Consider
    using scanf_s instead. To disable deprecation, use ...

    3. warning C4996: 'fopen' was declared deprecated.... : see declaration
    of 'fopen' Message: 'This function or variable may be unsafe. Consider
    using fopen_s instead. To disable deprecation, use
    _CRT_SECURE_NO_DEPRECATE. See online help for details.'


    How do I fix these problems? Sorry, but I'm not very experienced with C
    programming.


    Med venlig hilsen / Best regards
    Martin Jørgensen

    --
    ---------------------------------------------------------------------------
    Home of Martin Jørgensen - http://www.martinjoergensen.dk
    =?ISO-8859-1?Q?Martin_J=F8rgensen?=, Feb 16, 2006
    #1
    1. Advertising

  2. Martin Jørgensen wrote:
    [...]
    > while (writechar != 'y' || != 'n');
    >
    > The compiler complaints. It says: error C2059: syntax error : '!='


    Of course! If _what_ is not equal to 'n'?

    I assume you meant:

    while (writechar != 'y' && writechar != 'n');

    That is, until writechar is either 'y' or 'n'. Is that what you meant?

    Remember that you need "&&" for "and", not "||" for "or". Otherwise,
    the statement will always be true, as it can't be equal to both.

    [...]

    --
    +-------------------------+--------------------+-----------------------------+
    | Kenneth J. Brody | www.hvcomputer.com | |
    | kenbrody/at\spamcop.net | www.fptech.com | #include <std_disclaimer.h> |
    +-------------------------+--------------------+-----------------------------+
    Don't e-mail me at: <mailto:>
    Kenneth Brody, Feb 16, 2006
    #2
    1. Advertising

  3. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Broeisi Guest

    Martin Jørgensen wrote:

    > Hi,
    >
    > Consider:
    > ------------
    > char stringinput[64]
    >
    > .bla. bla. bla.
    >
    > do
    > {
    > printf("Write to result.txt (y/n)? ");
    > scanf("%s", stringinput);
    > }
    > while (writechar != 'y' || != 'n');

    This should be :
    while (writechar != 'y' || writechar != 'n');

    >
    >
    > The compiler complaints. It says: error C2059: syntax error : '!='
    >
    > Another problem is that MS VS 2005 keeps complaining about deprecated
    > commands such as:
    >
    > 1. warning C4996: 'fscanf' was declared deprecated.......: see
    > declaration of 'fscanf' - Message: 'This function or variable may be
    > unsafe. Consider using fscanf_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >
    > 2. warning C4996: 'scanf' was declared deprecated: see declaration of
    > 'scanf'... Message: 'This function or variable may be unsafe. Consider
    > using scanf_s instead. To disable deprecation, use ...
    >
    > 3. warning C4996: 'fopen' was declared deprecated.... : see declaration
    > of 'fopen' Message: 'This function or variable may be unsafe. Consider
    > using fopen_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >
    >
    > How do I fix these problems? Sorry, but I'm not very experienced with C
    > programming.
    >
    >
    > Med venlig hilsen / Best regards
    > Martin Jørgensen
    >
    Broeisi, Feb 16, 2006
    #3
  4. "Martin Jørgensen" <> wrote in message
    news:...
    > Hi,
    >
    > Consider:
    > ------------
    > char stringinput[64]
    >
    > .bla. bla. bla.
    >
    > do
    > {
    > printf("Write to result.txt (y/n)? ");
    > scanf("%s", stringinput);
    > }
    > while (writechar != 'y' || != 'n');


    What is writechar? Presumabley of type char.

    The snippet !='n' is illegal syntax after the || operator.
    You can't say "a is not b or not c", you must say
    "a is not b or a is not c"
    or, better yet,
    "(a is not b) or (a is not c)"

    Also, the logic here is probably not what you want, since
    (writechar != 'y') || (writechar != 'n')
    is always true. You probably want && instread of ||

    <snip>>
    > Med venlig hilsen / Best regards
    > Martin Jørgensen
    >
    > --
    > ---------------------------------------------------------------------------
    > Home of Martin Jørgensen - http://www.martinjoergensen.dk


    --
    Fred L. Kleinschmidt
    Boeing Associate Technical Fellow
    Technical Architect, Software Reuse Project
    Fred Kleinschmidt, Feb 16, 2006
    #4
  5. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Broeisi Guest

    This code will do what you want...

    #include <stdio.h>

    int main(void)
    {
    char stringInput;

    do
    {
    printf("\nWrite to result.txt (y/n)? ");
    stringInput = getchar();
    __fpurge(stdin); // clear the stdin to strip off the previous newline char.
    }
    while (stringInput != 'y' && stringInput != 'n');

    printf("Thank you very much\n");

    return 0;
    }

    greetzz,

    Broeisi

    Martin Jørgensen wrote:

    > Hi,
    >
    > Consider:
    > ------------
    > char stringinput[64]
    >
    > .bla. bla. bla.
    >
    > do
    > {
    > printf("Write to result.txt (y/n)? ");
    > scanf("%s", stringinput);
    > }
    > while (writechar != 'y' || != 'n');
    >
    >
    > The compiler complaints. It says: error C2059: syntax error : '!='
    >
    > Another problem is that MS VS 2005 keeps complaining about deprecated
    > commands such as:
    >
    > 1. warning C4996: 'fscanf' was declared deprecated.......: see
    > declaration of 'fscanf' - Message: 'This function or variable may be
    > unsafe. Consider using fscanf_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >
    > 2. warning C4996: 'scanf' was declared deprecated: see declaration of
    > 'scanf'... Message: 'This function or variable may be unsafe. Consider
    > using scanf_s instead. To disable deprecation, use ...
    >
    > 3. warning C4996: 'fopen' was declared deprecated.... : see declaration
    > of 'fopen' Message: 'This function or variable may be unsafe. Consider
    > using fopen_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >
    >
    > How do I fix these problems? Sorry, but I'm not very experienced with C
    > programming.
    >
    >
    > Med venlig hilsen / Best regards
    > Martin Jørgensen
    >
    Broeisi, Feb 16, 2006
    #5
  6. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Broeisi wrote:
    > This code will do what you want...


    Yep, you must be a mind reader or something :)

    > #include <stdio.h>
    >
    > int main(void)
    > {
    > char stringInput;
    >
    > do
    > {
    > printf("\nWrite to result.txt (y/n)? ");
    > stringInput = getchar();
    > __fpurge(stdin); // clear the stdin to strip off the previous newline char.
    > }
    > while (stringInput != 'y' && stringInput != 'n');
    >
    > printf("Thank you very much\n");
    >
    > return 0;
    > }
    >
    > greetzz,


    Thanks. But your program doesn't work on my pc. There was something
    wrong with "__fpurge(stdin);" - I use MS visual studio 2005.

    I'm still struggling with how to make the following work now:

    do
    {
    printf("Write to file? (y/n): ");
    }

    while (writechar != 'y' || writechar != 'n');

    Now I just made writechar of type "char". I don't know what to do with
    this return \n, but I assume it is a problem... Thanks for anything.

    BTW: Yep, you're all right. I made a stupid mistake before with the
    logical test...



    Med venlig hilsen / Best regards
    Martin Jørgensen

    --
    ---------------------------------------------------------------------------
    Home of Martin Jørgensen - http://www.martinjoergensen.dk
    =?ISO-8859-1?Q?Martin_J=F8rgensen?=, Feb 16, 2006
    #6
  7. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Al Balmer Guest

    On Thu, 16 Feb 2006 13:09:03 -0600, Broeisi <>
    wrote:

    >This code will do what you want...
    >
    >#include <stdio.h>
    >
    >int main(void)
    >{
    > char stringInput;
    >
    > do
    > {
    > printf("\nWrite to result.txt (y/n)? ");
    > stringInput = getchar();
    > __fpurge(stdin); // clear the stdin to strip off the previous newline char.

    ???__ fpurge? What page of the standard is that on?
    > }
    > while (stringInput != 'y' && stringInput != 'n');
    >
    > printf("Thank you very much\n");
    >
    > return 0;
    >}
    >
    >greetzz,
    >
    >Broeisi
    >
    >Martin Jørgensen wrote:
    >
    >> Hi,
    >>
    >> Consider:
    >> ------------
    >> char stringinput[64]
    >>
    >> .bla. bla. bla.
    >>
    >> do
    >> {
    >> printf("Write to result.txt (y/n)? ");
    >> scanf("%s", stringinput);
    >> }
    >> while (writechar != 'y' || != 'n');
    >>
    >>
    >> The compiler complaints. It says: error C2059: syntax error : '!='
    >>
    >> Another problem is that MS VS 2005 keeps complaining about deprecated
    >> commands such as:
    >>
    >> 1. warning C4996: 'fscanf' was declared deprecated.......: see
    >> declaration of 'fscanf' - Message: 'This function or variable may be
    >> unsafe. Consider using fscanf_s instead. To disable deprecation, use
    >> _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >>
    >> 2. warning C4996: 'scanf' was declared deprecated: see declaration of
    >> 'scanf'... Message: 'This function or variable may be unsafe. Consider
    >> using scanf_s instead. To disable deprecation, use ...
    >>
    >> 3. warning C4996: 'fopen' was declared deprecated.... : see declaration
    >> of 'fopen' Message: 'This function or variable may be unsafe. Consider
    >> using fopen_s instead. To disable deprecation, use
    >> _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >>
    >>
    >> How do I fix these problems? Sorry, but I'm not very experienced with C
    >> programming.
    >>
    >>
    >> Med venlig hilsen / Best regards
    >> Martin Jørgensen
    >>


    --
    Al Balmer
    Sun City, AZ
    Al Balmer, Feb 16, 2006
    #7
  8. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Broeisi <> writes:
    > This code will do what you want...
    >
    > #include <stdio.h>
    >
    > int main(void)
    > {
    > char stringInput;
    >
    > do
    > {
    > printf("\nWrite to result.txt (y/n)? ");
    > stringInput = getchar();
    > __fpurge(stdin); // clear the stdin to strip off the previous newline char.
    > }
    > while (stringInput != 'y' && stringInput != 'n');
    >
    > printf("Thank you very much\n");
    >
    > return 0;
    > }


    There is no __fpurge() function in standard C. If you want to consume
    the rest of the input line up to the new-line character, it's easy
    enought to do it in standard C.

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    We must do something. This is something. Therefore, we must do this.
    Keith Thompson, Feb 16, 2006
    #8
  9. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Martin Jørgensen <> writes:
    > Consider:
    > ------------
    > char stringinput[64]
    >
    > .bla. bla. bla.
    >
    > do
    > {
    > printf("Write to result.txt (y/n)? ");
    > scanf("%s", stringinput);
    > }
    > while (writechar != 'y' || != 'n');
    >
    >
    > The compiler complaints. It says: error C2059: syntax error : '!='
    >
    > Another problem is that MS VS 2005 keeps complaining about deprecated
    > commands such as:
    >
    > 1. warning C4996: 'fscanf' was declared deprecated.......: see
    > declaration of 'fscanf' - Message: 'This function or variable may be
    > unsafe. Consider using fscanf_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >
    > 2. warning C4996: 'scanf' was declared deprecated: see declaration of
    > 'scanf'... Message: 'This function or variable may be unsafe. Consider
    > using scanf_s instead. To disable deprecation, use ...
    >
    > 3. warning C4996: 'fopen' was declared deprecated.... : see
    > declaration of 'fopen' Message: 'This function or variable may be
    > unsafe. Consider using fopen_s instead. To disable deprecation, use
    > _CRT_SECURE_NO_DEPRECATE. See online help for details.'


    fscanf(), scanf(), and fopen() are standard functions. Your compiler
    is trying to tell you to replace them with fscanf_s(), scanf_s(), and
    fopen_s(), which are not standard. You can do so if you like, and the
    resulting code just might be safer, but it won't be portable (and we
    won't be able to help you with it here).

    If you want to program in standard C, you can disable the warnings;
    your compiler is telling you how to do that.

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    We must do something. This is something. Therefore, we must do this.
    Keith Thompson, Feb 16, 2006
    #9
  10. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    CBFalconer Guest

    Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Keith Thompson wrote:
    > Martin Jørgensen <> writes:
    >

    .... snip ...
    >>
    >> Another problem is that MS VS 2005 keeps complaining about deprecated
    >> commands such as:
    >>
    >> 1. warning C4996: 'fscanf' was declared deprecated.......: see
    >> declaration of 'fscanf' - Message: 'This function or variable may be
    >> unsafe. Consider using fscanf_s instead. To disable deprecation, use
    >> _CRT_SECURE_NO_DEPRECATE. See online help for details.'
    >>
    >> 2. warning C4996: 'scanf' was declared deprecated: see declaration of
    >> 'scanf'... Message: 'This function or variable may be unsafe. Consider
    >> using scanf_s instead. To disable deprecation, use ...
    >>
    >> 3. warning C4996: 'fopen' was declared deprecated.... : see
    >> declaration of 'fopen' Message: 'This function or variable may be
    >> unsafe. Consider using fopen_s instead. To disable deprecation, use
    >> _CRT_SECURE_NO_DEPRECATE. See online help for details.'

    >
    > fscanf(), scanf(), and fopen() are standard functions. Your compiler
    > is trying to tell you to replace them with fscanf_s(), scanf_s(), and
    > fopen_s(), which are not standard. You can do so if you like, and the
    > resulting code just might be safer, but it won't be portable (and we
    > won't be able to help you with it here).
    >
    > If you want to program in standard C, you can disable the warnings;
    > your compiler is telling you how to do that.


    You might have pointed out that, as usual, Microsoft is
    contravening standards in an effort to get people locked into their
    non-standard code, so that they can sell more buggy software.

    --
    "The power of the Executive to cast a man into prison without
    formulating any charge known to the law, and particularly to
    deny him the judgement of his peers, is in the highest degree
    odious and is the foundation of all totalitarian government
    whether Nazi or Communist." -- W. Churchill, Nov 21, 1943
    CBFalconer, Feb 17, 2006
    #10
  11. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Jack Klein Guest

    On Thu, 16 Feb 2006 18:19:42 +0100, Martin Jørgensen
    <> wrote in comp.lang.c:

    > Hi,
    >
    > Consider:
    > ------------
    > char stringinput[64]
    >
    > .bla. bla. bla.
    >
    > do
    > {
    > printf("Write to result.txt (y/n)? ");
    > scanf("%s", stringinput);


    Microsoft is on mission to replace some of the more
    dangerous-when-misused functions in C with safer versions. This is
    something that has been proposed for a future version of the C
    language standard, but is not part of the official language now.

    But in the particular case above, they are absolutely right, because
    you are misusing scanf() and making it very, very dangerous. You
    could be writing the next flawed program to be targeted by a buffer
    overflow exploit to turn computers into bots used by internet
    criminals.

    Never, never, NEVER use scanf (or fscanf or sscanf) with "%s" without
    specifying a maximum length. You have an array of 64 characters. You
    have told scanf() to accept as many characters as it can find in the
    standard input before a white space. What if the user types 100
    characters, or 1000 characters, or even 65 characters? What do you
    think is going to happen when scanf() tries to keep on inserting
    characters way past the end of the array?

    --
    Jack Klein
    Home: http://JK-Technology.Com
    FAQs for
    comp.lang.c http://c-faq.com/
    comp.lang.c++ http://www.parashift.com/c -faq-lite/
    alt.comp.lang.learn.c-c++
    http://www.contrib.andrew.cmu.edu/~ajo/docs/FAQ-acllc.html
    Jack Klein, Feb 17, 2006
    #11
  12. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Jack Klein <> writes:
    [...]
    > Never, never, NEVER use scanf (or fscanf or sscanf) with "%s" without
    > specifying a maximum length. You have an array of 64 characters. You
    > have told scanf() to accept as many characters as it can find in the
    > standard input before a white space. What if the user types 100
    > characters, or 1000 characters, or even 65 characters? What do you
    > think is going to happen when scanf() tries to keep on inserting
    > characters way past the end of the array?


    It might be reasonable to use sscanf with "%s" if you have sufficient
    control over the string being scanned (i.e., if you *know* it can't
    overflow). The same thing might theoretically apply to fscanf(), but
    it's less safe to assume that an external file contains what you
    expect it to. Except under the rarest circumstances, you should
    assume that stdin (used by scanf) could contain any arbitrary data,
    and guard against it.

    But it's safer and easier to avoid "%s" altogether, for all the *scanf
    functions.

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    We must do something. This is something. Therefore, we must do this.
    Keith Thompson, Feb 17, 2006
    #12
  13. Re: scanf (yes/no) - doesn't work + deprecation errors scanf,fopenetc.

    CBFalconer <> writes:
    > Keith Thompson wrote:

    [...]
    >> fscanf(), scanf(), and fopen() are standard functions. Your compiler
    >> is trying to tell you to replace them with fscanf_s(), scanf_s(), and
    >> fopen_s(), which are not standard. You can do so if you like, and the
    >> resulting code just might be safer, but it won't be portable (and we
    >> won't be able to help you with it here).
    >>
    >> If you want to program in standard C, you can disable the warnings;
    >> your compiler is telling you how to do that.

    >
    > You might have pointed out that, as usual, Microsoft is
    > contravening standards in an effort to get people locked into their
    > non-standard code, so that they can sell more buggy software.


    I might have, but it didn't seem relevant, and doesn't appear to be
    true in this case. The *_s functions look similar to, and may
    actually be, the functions defined in n1135,
    <http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1135.pdf>, which is
    an ISO/IEC draft Technical Report.

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    We must do something. This is something. Therefore, we must do this.
    Keith Thompson, Feb 17, 2006
    #13
  14. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    CBFalconer Guest

    Re: scanf (yes/no) - doesn't work + deprecation errors scanf,fopenetc.

    Keith Thompson wrote:
    >

    .... snip ...
    >
    > I might have, but it didn't seem relevant, and doesn't appear to be
    > true in this case. The *_s functions look similar to, and may
    > actually be, the functions defined in n1135,
    > <http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1135.pdf>, which is
    > an ISO/IEC draft Technical Report.


    This is the first I had heard of that. Took a quick look, and I
    think it is ignoring real work going on in the C world. Glaringly
    obvious are missing references to strlcat and strlcpy from FreeBSD,
    which make much more sense than the proposals.

    I also think the gets_s proposal is foolish. Novices use gets
    because it is simple and minimizes thought. My own ggets attempts
    to fill that need.

    Cross posted to c.std.c. For reference source etc. for strlcat,
    strlcpy, and ggets are available at:

    <http://cbfalconer.home.att.net/download/strlcpy.zip>
    <http://cbfalconer.home.att.net/download/ggets.zip>

    --
    "The most amazing achievement of the computer software industry
    is its continuing cancellation of the steady and staggering
    gains made by the computer hardware industry..." - Petroski
    CBFalconer, Feb 17, 2006
    #14
  15. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Richard Bos Guest

    Re: scanf (yes/no) - doesn't work + deprecation errors scanf,fopenetc.

    CBFalconer <> wrote:

    > Keith Thompson wrote:
    > >
    > > I might have, but it didn't seem relevant, and doesn't appear to be
    > > true in this case. The *_s functions look similar to, and may
    > > actually be, the functions defined in n1135,
    > > <http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1135.pdf>, which is
    > > an ISO/IEC draft Technical Report.

    >
    > This is the first I had heard of that. Took a quick look, and I
    > think it is ignoring real work going on in the C world.


    I think a hint to that, and to the reason why Microsoft "adopted" this
    "standard" with such suspicious dispatch, may lie in the origin of the
    proposal.

    > I also think the gets_s proposal is foolish. Novices use gets
    > because it is simple and minimizes thought. My own ggets attempts
    > to fill that need.


    Which is also missing the point, and in the same way that n1135 does.

    This proposal, and your ggets(), will _perhaps_ be adopted by only those
    programmers who already take care to program safely. Hacks will ignore
    them.

    Richard
    Richard Bos, Feb 17, 2006
    #15
  16. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Broeisi a écrit :
    > This code will do what you want...


    > __fpurge(stdin); // clear the stdin to strip off the previous newline char.


    Bad avice. This function is not standard.

    You should use fgets() with an array of 3 (at least) char...

    --
    A+

    Emmanuel Delahaye
    Emmanuel Delahaye, Feb 17, 2006
    #16
  17. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Keith Thompson wrote:
    > Jack Klein <> writes:
    > [...]
    >
    >>Never, never, NEVER use scanf (or fscanf or sscanf) with "%s" without
    >>specifying a maximum length. You have an array of 64 characters. You
    >>have told scanf() to accept as many characters as it can find in the
    >>standard input before a white space. What if the user types 100
    >>characters, or 1000 characters, or even 65 characters? What do you
    >>think is going to happen when scanf() tries to keep on inserting
    >>characters way past the end of the array?


    Crash.

    > It might be reasonable to use sscanf with "%s" if you have sufficient
    > control over the string being scanned (i.e., if you *know* it can't
    > overflow). The same thing might theoretically apply to fscanf(), but
    > it's less safe to assume that an external file contains what you
    > expect it to. Except under the rarest circumstances, you should
    > assume that stdin (used by scanf) could contain any arbitrary data,
    > and guard against it.


    Ok.

    > But it's safer and easier to avoid "%s" altogether, for all the *scanf
    > functions.


    Sorry for my late reply... But good point there. How about scanf("%20s",
    string) or something?


    Med venlig hilsen / Best regards
    Martin Jørgensen

    --
    ---------------------------------------------------------------------------
    Home of Martin Jørgensen - http://www.martinjoergensen.dk
    =?ISO-8859-1?Q?Martin_J=F8rgensen?=, Feb 17, 2006
    #17
  18. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Keith Thompson wrote:
    -snip-

    > If you want to program in standard C, you can disable the warnings;
    > your compiler is telling you how to do that.


    Yep, I did that. Much, much better now :)


    Med venlig hilsen / Best regards
    Martin Jørgensen

    --
    ---------------------------------------------------------------------------
    Home of Martin Jørgensen - http://www.martinjoergensen.dk
    =?ISO-8859-1?Q?Martin_J=F8rgensen?=, Feb 17, 2006
    #18
  19. =?ISO-8859-1?Q?Martin_J=F8rgensen?=

    Michael Mair Guest

    Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Martin Jørgensen schrieb:
    > Keith Thompson wrote:
    >> Jack Klein <> writes:
    >> [...]
    >>
    >>> Never, never, NEVER use scanf (or fscanf or sscanf) with "%s" without
    >>> specifying a maximum length. You have an array of 64 characters. You
    >>> have told scanf() to accept as many characters as it can find in the
    >>> standard input before a white space. What if the user types 100
    >>> characters, or 1000 characters, or even 65 characters? What do you
    >>> think is going to happen when scanf() tries to keep on inserting
    >>> characters way past the end of the array?

    >
    > Crash.


    The ugly thing is: Not necessarily.
    It may only happen when Mars occupies a corner in Jupiter's House
    or your boss, customer, or whoever stands at your side for the
    crucial demonstration. All other times it seems to work.


    >> It might be reasonable to use sscanf with "%s" if you have sufficient
    >> control over the string being scanned (i.e., if you *know* it can't
    >> overflow). The same thing might theoretically apply to fscanf(), but
    >> it's less safe to assume that an external file contains what you
    >> expect it to. Except under the rarest circumstances, you should
    >> assume that stdin (used by scanf) could contain any arbitrary data,
    >> and guard against it.

    >
    > Ok.
    >
    >> But it's safer and easier to avoid "%s" altogether, for all the *scanf
    >> functions.

    >
    > Sorry for my late reply... But good point there. How about scanf("%20s",
    > string) or something?


    The thing is, you still cannot control what you get -- whitespace
    still gets discarded unless you use scan sets (e.g. %40[ \t\naA]).
    Using fgets() or a homebrew getch()-based input usually is safer.
    You can also use ggets() which can be written in standard C; Chuck
    Falconer advertises his public domain version around here.

    Another thing: There is no equivalent to the run-time determination
    of field width and precision for printf(). If you do not want to
    have magic numbers you always have something like that:

    #define STRINGIZE(S) #s
    #define XSTR(S) STRINGIZE(S)

    #define BUFSIZE 20

    ....
    char buffer[BUFSIZE+1];
    ....
    ret = sscanf("%" XSTR(BUFSIZE) "s", buffer);
    ....

    Not really what I'd call flexible. And I am a friend of sscanf().


    Cheers
    Michael
    --
    E-Mail: Mine is an /at/ gmx /dot/ de address.
    Michael Mair, Feb 17, 2006
    #19
  20. Re: scanf (yes/no) - doesn't work + deprecation errors scanf, fopenetc.

    Michael Mair wrote:
    > Martin Jørgensen schrieb:

    -snip-

    >>>> characters, or 1000 characters, or even 65 characters? What do you
    >>>> think is going to happen when scanf() tries to keep on inserting
    >>>> characters way past the end of the array?

    >>
    >>
    >> Crash.

    >
    >
    > The ugly thing is: Not necessarily.


    Yeah, ok. I just debugged a program yesterday which took me very long
    time before it crashed... Of course the error was also very difficult to
    find.... So it was really annoying just to find out that I had an array
    operation; something like var[variable+2]=(code) and forgot to declare
    it var[variable+3] instead of var[variable+2]... Damn, I hope I learned
    my lesson :)

    -snip-

    >> Sorry for my late reply... But good point there. How about
    >> scanf("%20s", string) or something?

    >
    >
    > The thing is, you still cannot control what you get -- whitespace
    > still gets discarded unless you use scan sets (e.g. %40[ \t\naA]).
    > Using fgets() or a homebrew getch()-based input usually is safer.
    > You can also use ggets() which can be written in standard C; Chuck
    > Falconer advertises his public domain version around here.


    Ok.

    > Another thing: There is no equivalent to the run-time determination
    > of field width and precision for printf(). If you do not want to
    > have magic numbers you always have something like that:
    >
    > #define STRINGIZE(S) #s
    > #define XSTR(S) STRINGIZE(S)
    >
    > #define BUFSIZE 20
    >
    > ...
    > char buffer[BUFSIZE+1];
    > ....
    > ret = sscanf("%" XSTR(BUFSIZE) "s", buffer);
    > ....
    >
    > Not really what I'd call flexible. And I am a friend of sscanf().


    Thanks for the code piece. I wish my (lousy?) C programming book used
    sscanf() instead, like you propose...


    Med venlig hilsen / Best regards
    Martin Jørgensen

    --
    ---------------------------------------------------------------------------
    Home of Martin Jørgensen - http://www.martinjoergensen.dk
    =?ISO-8859-15?Q?Martin_J=F8rgensen?=, Feb 17, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nonee
    Replies:
    2
    Views:
    2,625
    Neredbojias
    Oct 25, 2005
  2. teo
    Replies:
    3
    Views:
    511
  3. Michel Rouzic
    Replies:
    4
    Views:
    1,818
    Michel Rouzic
    Apr 28, 2008
  4. Jamie Herre
    Replies:
    1
    Views:
    167
    why the lucky stiff
    Jan 7, 2005
  5. Iñaki Baz Castillo
    Replies:
    6
    Views:
    98
    Iñaki Baz Castillo
    Jul 21, 2008
Loading...

Share This Page