Re: Security in a shell that starts ssh
On Thu, Jun 14, 2001 at 01:50:56AM +0400, Daniel Ginsburg wrote:
> It _won't_ be caught by fgets. See my other post.
> Please refer to manpages and the Standard to see what does fgets return and
> under what circumstances.
The libc info page (run info libc, for those not familiar with info(1) or
the emacs mode) has this to say:
*Warning:* If the input data has a null character, you can't tell.
So don't use fgets' unless you know the data cannot contain a
null. Don't use it to read files edited by the user because, if
the user inserts a null character, you should either handle it
properly or print a clear error message. We recommend using
getline' instead of fgets'.
getline(3) is available on GNU systems, but it's not part of any C
standard. Still, the implementation of it is Free (LGPL), so you can
distribute it with your code if you need to.
getline is what I wish C had done from the beginning. C has too much cruft
in its IO functions, especially the way they all signal errors or EOF
differently, and take their arguments in different order. This is not the
place to discuss this further, so I'll shut up now, and hope nobody replies
to the list about this.
#define X(x,y) x##y
Peter Cordes ; e-mail: X(firstname.lastname@example.org. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE