...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
char *get_filled_buffer(void) {
char temp[32];
char *ret = NULL;
char *end = ret;
while (fgets(temp, sizeof(temp), stdin)) {
size_t len = strlen(temp);
const size_t full_size = end - ret + len;
char *r_temp = realloc(ret, full_size + 1); /* NTBS */
if (r_temp == NULL) {
break;
}
ret = r_temp;
strcat(ret, temp);
end = ret + full_size;
if (feof(stdin) || temp[len-1] == '\n') {
return ret;
}
}
free(ret);
return NULL;
} |
Compliant Solution (POSIX getline())
The getline() function was originally a GNU extension, but is now standard in POSIX.1-2008. It also fills a string with characters from an input stream. In this case, the program passes it a NULL pointer for a string, indicating that getline() should allocate sufficient space for the string and the caller frees it later.
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h>
void func(void) {
char* buf = NULL;
size_t dummy = 0;
if (getline(&buf, &dummy, stdin) == -1) {
/* handle error */
}
printf("The user input %s\n", buf);
free(buf);
} |
Risk Assessment
Incorrectly assuming a newline character is read by fgets() or fgetws() can result in data truncation.
...