[Info-vax] ChatGPT solved it for me, again...
Johnny Billquist
bqt at softjar.se
Mon Feb 20 05:06:03 EST 2023
On 2023-02-17 14:20, Simon Clubley wrote:
> On 2023-02-17, Slo <slovuj at gmail.com> wrote:
>> Sorry Arne, I don't trust your coding skills and an ancient language :-)
>
> That ancient language is more secure than C. :-)
>
>> Me: Convert this code to C
>> ============================
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <string.h>
>> #include <time.h>
>> int get_wattage(char *sys) {
>> return (rand() % 20) * 50 + 200;
>> }
>> int main() {
>> char sys1[256], sys2[256];
>> int watt1, watt2;
>> srand(time(NULL));
>> printf("Utility to check power supply compatibility.\n");
>> printf("Enter name of system #1: ");
>> fgets(sys1, 256, stdin);
>> printf("Enter name of system #2: ");
>> fgets(sys2, 256, stdin);
>> sys1[strcspn(sys1, "\n")] = '\0';
>> sys2[strcspn(sys2, "\n")] = '\0';
>
> OUCH! OUCH! OUCH!!!!!
>
> fgets() is not guaranteed to return a newline character.
True. If you have an eof, you (obviously) don't have a newline, nor do
you get it if there are "too many" characters input.
> Here's an online man page that confirms this:
>
> https://linux.die.net/man/3/fgets
>
> I hope people using this technology with "real" code understand and
> recognise this kind of thing...
Well, the code was actually "safe". It just replaced the first newline
with a NUL, if found. Otherwise it does nothing.
So I don't really see what point you were trying to make here.
Johnny
More information about the Info-vax
mailing list