Now you're writing about two different things (further evidenced by the
fact that they appear in two separate statements in your code), and
trying needlessly to relate the two to make a point.
The point you are trying to make has very little to do with scanf, and
a lot of do with the type of the variable 'k' (which you have not shown
a declaration for).
Nope. I surmise that you have not understood the point I'm trying
to make. My point is that you need to verify user input (such as input
that comes from 'scanf'[1]), as opposed to the kind of input a library
function might get from a client program (such as C-style strings being
passed to a sorting function, the original context of my remark).
So if anything, your code -somewhat- reverts back to the exact same
point Eric Sosman was making, without adding any special caveat for
scanf whatsoever.
Huh? Eric basically said, "Not casting results in UB." I disagree;
the cast is /only/ necessary when you're dealing with potentially
unsafe input, and the only way to get unsafe input is from the user,
via 'getchar', 'scanf', or any other <stdio.h> input function.
There's nothing special about 'scanf' that makes it dangerous in
this respect; but, as CBFalconer pointed out, there is something special
about 'getchar' that makes it innocuous in this respect. That's why I
corrected my "dangerous" code --- it hadn't been as dangerous as I had
thought.
-Arthur
[1] - but not, technically speaking, 'getchar', which was what CBFalconer
pointed out, and which was why I corrected my example to use the 'scanf'
input function instead, which AFAIK provides no guarantee of its results'
<ctype.h>-friendliness.