1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
'\" t
.\" Copyright (c) 1993 by Thomas Koenig (ig25@rz.uni-karlsruhe.de)
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.\" Modified Wed Jul 28 11:12:07 1993 by Rik Faith (faith@cs.unc.edu)
.\" Modified Fri Sep 8 15:48:13 1995 by Andries Brouwer (aeb@cwi.nl)
.\" Modified 2013-12-31, David Malcolm <dmalcolm@redhat.com>
.\" Split gets(3) into its own page; fgetc() et al. move to fgetc(3)
.TH gets 3 2023-03-30 "Linux man-pages 6.04"
.SH NAME
gets \- get a string from standard input (DEPRECATED)
.SH LIBRARY
Standard C library
.RI ( libc ", " \-lc )
.SH SYNOPSIS
.nf
.B #include <stdio.h>
.PP
.BI "[[deprecated]] char *gets(char *" "s" );
.fi
.SH DESCRIPTION
.IR "Never use this function" .
.PP
.BR gets ()
reads a line from
.I stdin
into the buffer pointed to by
.I s
until either a terminating newline or
.BR EOF ,
which it replaces with a null byte (\[aq]\e0\[aq]).
No check for buffer overrun is performed (see BUGS below).
.SH RETURN VALUE
.BR gets ()
returns
.I s
on success, and NULL
on error or when end of file occurs while no characters have been read.
However, given the lack of buffer overrun checking, there can be no
guarantees that the function will even return.
.SH ATTRIBUTES
For an explanation of the terms used in this section, see
.BR attributes (7).
.ad l
.nh
.TS
allbox;
lbx lb lb
l l l.
Interface Attribute Value
T{
.BR gets ()
T} Thread safety MT-Safe
.TE
.hy
.ad
.sp 1
.SH STANDARDS
POSIX.1-2008.
.SH HISTORY
C89, POSIX.1-2001.
.PP
LSB deprecates
.BR gets ().
POSIX.1-2008 marks
.BR gets ()
obsolescent.
ISO C11 removes the specification of
.BR gets ()
from the C language, and since glibc 2.16,
glibc header files don't expose the function declaration if the
.B _ISOC11_SOURCE
feature test macro is defined.
.SH BUGS
Never use
.BR gets ().
Because it is impossible to tell without knowing the data in advance how many
characters
.BR gets ()
will read, and because
.BR gets ()
will continue to store characters past the end of the buffer,
it is extremely dangerous to use.
It has been used to break computer security.
Use
.BR fgets ()
instead.
.PP
For more information, see CWE-242 (aka "Use of Inherently Dangerous
Function") at
http://cwe.mitre.org/data/definitions/242.html
.SH SEE ALSO
.BR read (2),
.BR write (2),
.BR ferror (3),
.BR fgetc (3),
.BR fgets (3),
.BR fgetwc (3),
.BR fgetws (3),
.BR fopen (3),
.BR fread (3),
.BR fseek (3),
.BR getline (3),
.BR getwchar (3),
.BR puts (3),
.BR scanf (3),
.BR ungetwc (3),
.BR unlocked_stdio (3),
.BR feature_test_macros (7)
|