Why string[10] containing more 10 character in c? [duplicate] - arrays

This question already has answers here:
Char array can hold more than expected
(3 answers)
Why is the gets function so dangerous that it should not be used?
(13 answers)
Closed 28 days ago.
I'm taking array of character size of 10 , but in return it gives me out-range array(10+) string, YOU CAN REFER TO MY CODE
#include<stdio.h>
int main(){
char name[10]; `array of 10 Character`
gets(name); `INPUT: THIS IS BEAUTIFUL WORLD!`
printf("Given string %s", name); `it should print only 10 string in c`
` OUTPUT : Given string THIS IS BEAUTIFUL WORLD! `
return 0;
}

https://en.cppreference.com/w/c/io/gets
char *gets( char *str );
The gets() function does not perform bounds checking, therefore this function is extremely vulnerable to buffer-overflow attacks. It cannot be used safely (unless the program runs in an environment which restricts what can appear on stdin). For this reason, the function has been deprecated in the third corrigendum to the C99 standard and removed altogether in the C11 standard. fgets() and gets_s() are the recommended replacements.

Related

string without null terminator [duplicate]

This question already has answers here:
Undefined, unspecified and implementation-defined behavior
(9 answers)
Using printf with a non-null terminated string
(6 answers)
Closed 1 year ago.
#include <stdio.h>
int main()
{
char as[4];
*as='0';
*(as+1)='1';
*(as+2)='2';
*(as+3)='3';
printf("%s",as);
return 0;
}
The output i got is : 0123.
In the above program i declared an array of size 4 -> char as[4];
and in that i stored 4 chars 0,1,2,3.
Normally if we declare a char array, '\0' will be stored at last (i.e. as[3]='\0');
but i stored '3' in it. how it did not generate error?.
There is absolutely nothing stopping you from using an array of char as an array of char. There could be any number of reasons to want this.
However, C strings are null-terminated by definition. Using the %s specifier in printf tells it to expect a null-terminated string, so your program will (probably) not work correctly unless you give it such a string.

C chars add themselves up for no reason [duplicate]

This question already has answers here:
Space for Null character in c strings
(5 answers)
Closed 3 years ago.
I think I'm going insane because I cannot find an explanation to why C is combining my chars.
I've made you guys a test programm...
#include <stdio.h>
#include <stdlib.h>
int main()
{
char alphabet_big[26] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
char alphabet_small[26] = "abcdefghijklmnopqrstuvwxyz";
printf("%s\n", alphabet_small);
return 0;
}
Results: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZV
Why is C combining alphabet_small and alphabet_big? That's not making sense. And why is there a "V" at the end of the char?
I hope someone can provide me an answer to this "problem".
Best regards.
Keep in mind that a C String is defined as a null terminated char array.
Change the declaration and initialization statement here: (for both statements.)
char alphabet_big[26] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";//forces compiler to use only 26 char
//regardless of the count of initializers
//(leaving no room for NULL terminator)
To
char alphabet_big[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";//allows compiler to set aside
^^ //the proper space, no matter how many initializers
The first produces undefined behavior when using with any of the string functions, such as strcpy, strcmp, and in this case printf with the "%s" format specifier.
The first produces the following, which is not is not a C string:
|A|B|C|D|E|F|G|H|I|J|K|L|M|N|O|P|Q|R|S|T|U|V|W|X|Y|Z|?|?|?|
While the 2nd produces the following, which is a C string:
|A|B|C|D|E|F|G|H|I|J|K|L|M|N|O|P|Q|R|S|T|U|V|W|X|Y|Z|\0|?|?|
Note - The ? symbols used in above illustration depict memory locations that are not owned by the program, and for which the contents are unknown, or may not even exist. A program attempting to access these locations would be invoking undefined behavior.
Normally the library functions expect to find a NUL byte at the end of a string, and the compiler is happy to add it for you automatically except you've told it that alphabet_big has only 26 bytes, essentially avoiding that extra NUL byte, so it combines with what's next.
Remove the 26 and let the compiler count for you.

gets() function throw exception? [duplicate]

This question already has answers here:
Why is the gets function so dangerous that it should not be used?
(13 answers)
Closed 4 years ago.
void getInputWith_gets()
{
char firstName[5];
char lastName[5];
printf("Enter your first name: ");
gets(firstName);
printf("Enter your last name: ");
gets(lastName);
printf("Hello, %s, %s\n", firstName, lastName);
}
int main(int argc, char **argv)
{
getInputWith_gets();
//getInputWith_fgets();
system("pause");
return 0;
}
I am using MS Visual Studio 2017, I know the restriction of using the "gets()" function that I have a maximum of 5 chars to be entered but if I entered exactly 5 characters, the console prints correctly(and doesn't print "press any key to continue... due to "system("pause") statment") but the program get stuck at the debugger screen and after the last "printf" statement I get a a red error symbol with a pop-up saying:
"Run-Time Check Failure #2 - Stack around the variable 'lastName' was corrupted."
does this means that the "gets()" function will read 5 exclusive characters only?
You have multiple bugs here:
In ancient, obsolete C where gets existed, you must #include <stdio.h> or otherwise you might get weird run-time behavior, since ancient obsolete C allowed functions with no prototype.
In modern and semi-modern C, the function gets is removed/flagged obsolete and should never be used. See Why is the gets function so dangerous that it should not be used? and also What are the functions from the standard library that must/should be avoided?.
Strings in C are null terminated, meaning you have to leave room for the null terminator.
Also note that the function format void getInputWith_gets() is obsolete style, you should be writing void getInputWith_gets(void).
Overall, it seems you are learning C from a completely outdated source (over 20 years outdated).

C - runtime error while printing string(using a pointer) [duplicate]

This question already has answers here:
Segmentation fault with scanf and strings in C
(3 answers)
Closed 5 years ago.
I have a problem with a simple C program and i need your help.I declare a string, using a pointer.Using scanf I give it a value from stdin.Later I try printing this string.It all compiles well,but when i run the program, it accepts my string,and when it gets to printing, i recieve a run-time error with return value 3221225477.
Where is the problem here?
I'm using DEV C++ IDE btw.
Note: I also tried doing the same on ideone.com online compiler and it doesn't give a runtime error,but instead of string given in stdin, it prints (null).
Here is the code:
#include <stdio.h>
int main(void)
{
char *string;
scanf("%s", string);
printf("Hello,%s !", string);
return 0;
}
You need to allocate space for the variable string.
For example:
char *string;
int i;
scanf("%d", &i);
string = (char*)malloc(sizeof(char)*i);
And then you can read from input and print the string

program to find length of a string [duplicate]

This question already has answers here:
Program didn't crash when buffer overflow
(2 answers)
Closed 6 years ago.
If I input string of more than size 10 then why is not generating compile time error as I have declared str of size 10? For example I have input welcome to the world, then it is compiling and running with no error.
#include <stdio.h>
#include <conio.h>
int main() {
int i = 0, length;
char str[10];
printf("enter string: ");
gets(str);
while (str[i] !='\0') {
i = i + 1;
}
length = i;
printf("the length of string is %d", length);
}
An input string is a runtime entity. Any computation involving it cannot be performed at compile time, so the best you can do is raise a runtime error.
Furthermore, gets is marked deprecated in C99 and simply removed from C11 because exactly this insecure behavior cannot be prevented: without anyone complaining, you can write beyond array bounds, which is undefined behavior. Use fgets instead, which provides a higher level of security.
Because gets does not take a length parameter it does not know how large your input buffer is.
you can use fgets instead
It is a undefined behaviour. Anything can happen.
Never use gets() because it does not prevent buffer overflowing which is what your program is doing. Use fgets() instead of gets().
fgets() prevent the size of array beyond that.
fgets(array, sizeOfArray, stdin);
Because you defined the string length as 10, so if the value increases the program stops executing, moreover you have not made handling error mechanism for the code. So resulting the following error you mentioned. Use fgets

Resources