Never use gets. It offers no protections against a buffer overflow vulnerability (that is, you cannot tell it how big the buffer you pass to it is, so it cannot prevent a user from entering a line larger than the buffer and clobbering memory). Avoid using scanf. If not used carefully, it can have the … Read more
I’m the founder of Coderbyte and also the guy who created this gets(stdin) hack. The comments on this post are correct that it is a form of find-and-replace, so let me explain why I did this really quickly. Back in the day when I first created the site (around 2012), it only supported JavaScript. There … Read more
Why is gets() dangerous The first internet worm (the Morris Internet Worm) escaped about 30 years ago (1988-11-02), and it used gets() and a buffer overflow as one of its methods of propagating from system to system. The basic problem is that the function doesn’t know how big the buffer is, so it continues reading … Read more