From owner-freebsd-questions Thu Mar 6 17:55:24 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id RAA01446 for questions-outgoing; Thu, 6 Mar 1997 17:55:24 -0800 (PST)
Received: from murkwood.gaffaneys.com (dialup15.gaffaneys.com [134.129.252.34]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA01438 for ; Thu, 6 Mar 1997 17:55:19 -0800 (PST)
Received: (from zach@localhost) by murkwood.gaffaneys.com (8.8.5/8.8.5) id TAA04182; Thu, 6 Mar 1997 19:54:18 -0600 (CST)
To: "Jeffrey M. Metcalf"
Cc: "Jeffrey M Metcalf", "FreeBSD questions"
Subject: Re: What does gets() unsafe question mean?
References: <199703070034.TAA12071@daisy.snet.net>
Mime-Version: 1.0 (generated by tm-edit 7.103)
Content-Type: text/plain; charset=US-ASCII
From: Zach Heilig
Date: 06 Mar 1997 19:54:17 -0600
In-Reply-To: "Jeffrey M. Metcalf"'s message of Thu, 6 Mar 1997 19:35:07 -0500
Message-ID: <87n2sg1n7a.fsf@murkwood.gaffaneys.com>
Lines: 32
X-Mailer: Gnus v5.4.15/Emacs 19.34
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>>>>> "Jeffrey" == Jeffrey M Metcalf writes:

> Hello, I recently wrote a little C program which uses the stdio.h
> function gets(). I compiled and ran it under FreeBSD and I get:
>
>     warning: this program uses gets(), which is unsafe.
>
> What exactly does this mean? Why is it unsafe? If possible, can
> any replies be sent as an e-mail to the above address?

Compile this small program:

    #include <stdio.h>

    int main(void)
    {
        char buf[1];            /* room for one byte: any non-empty line overflows it */

        puts("Enter lots of text and press enter:");
        gets(buf);              /* no length limit: input is written past the end of buf */
        return 0;
    }

Run it, and follow the instructions. This will usually crash an MS-DOS
machine, and it crashed the pty driver on one version of unix I tried it
on (it was a while ago, and I don't remember which machine it happened
on). I had to telnet in from another box, and kill the processes attached
to that terminal so it would log out and reset.

This sort of programming has been the cause of far too many security
holes in sendmail and many other setuid programs.

--
Zach Heilig (zach@blizzard.gaffaneys.com) | ALL unsolicited commercial email
Support bacteria -- it's the only        | is unwelcome. I avoid dealing
form of culture some people have!        | with companies that email ads.
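As an added example (not from Zach's post or from FreeBSD), here is the bounded replacement for gets() that the warning is steering people toward: a read_line() built on fgets() that reports when a line was longer than the buffer and discards the overflow so the next read does not pick up the tail of the previous line. The demo() helper, its 8-byte buffer and the input text are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
enum { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = -1 };   /* read_line() results */

/* Bounded replacement for gets(): reads one line from fp into buf (size bytes
 * including the NUL) and strips the newline.  If the line does not fit, the rest
 * of it is read and discarded so the next call starts on a fresh line instead of
 * treating the tail of this one as new input. */
int read_line(char *buf, size_t size, FILE *fp)
{
    if (size == 0 || fgets(buf, (int)size, fp) == NULL)
        return LINE_EOF;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    int c = getc(fp);                /* no newline: end of input, or line too long? */
    if (c == EOF)
        return LINE_OK;              /* final line without a trailing newline */
    while (c != '\n' && c != EOF)
        c = getc(fp);                /* the bytes gets() would have written past buf */
    return LINE_TRUNCATED;
}

/* Hypothetical demo helper: feeds constructed input through read_line() using an
 * 8-byte buffer and a tmpfile() as a stand-in for stdin.  Returns the line count. */
int demo(const char *input, char lines[][8], int codes[], int max_lines)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    fputs(input, fp);
    rewind(fp);
    int n = 0;
    while (n < max_lines && (codes[n] = read_line(lines[n], 8, fp)) != LINE_EOF)
        n++;
    fclose(fp);
    return n;
}

int main(void)
{
    char lines[4][8]; int codes[4];
    int n = demo("short\nthis line is far too long for the buffer\nlast", lines, codes, 4);
    for (int i = 0; i < n; i++)
        printf("\"%s\" (%s)\n", lines[i], codes[i] == LINE_TRUNCATED ? "truncated" : "ok");
    return 0;
}
```

The second input line is cut to the seven bytes that fit, reported as truncated, and the third line is still read cleanly because the overflow was consumed rather than left in the stream.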