gets() 被正式弃用了吗?
基于最新草案 C++11、C++ 参考 ISO/IEC 9899:1999/Cor.3:2007(E) 来了解 C 库函数的定义(根据§1.2[介绍.参考]/1)。
基于 C99 TC3 的最新草案 ,gets 函数已过时,已被弃用。(根据 §7.26.9/2)
我可以肯定地说 gets() 是在 C 和 C++ 中均已弃用?
Based on the most recent draft of C++11, C++ refers to ISO/IEC 9899:1999/Cor.3:2007(E) for the definitions of the C library functions (per §1.2[intro.refs]/1).
Based on the most recent draft of C99 TC3, The gets function is obsolescent, and is deprecated. (per §7.26.9/2)
Can I safely say that gets() is deprecated in both C and C++?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
已弃用意味着您不应该使用它,并且它可能会在将来被删除。由于这两个标准都表示它已被弃用,这意味着它已被正式弃用。
Deprecated means you shouldn't use it and it might be removed in the future. Since both standards say it is deprecated, that means it is deprecated, officially.
有关系吗?您可以使用
gets的唯一方法是如果已知stdin附加到您可以完全控制其内容的文件。这个条件几乎不可能满足,特别是在多进程系统上,其他进程可能会相对于您的程序异步修改文件。因此,出于所有实际目的,任何使用 gets 的程序都具有未定义的行为(即存在可能的输入/环境条件,从而导致其具有未定义的行为),特别是 UB 可能会导致特权如果您的程序具有比数据提供者更高的权限,则妥协。编辑: 好的,这是
gets的一种安全使用方式,大约是我能立即想到的唯一一种…当然还有一些有缺陷的实现(可能包括 glibc..? ) 即使已经为流设置了 EOF 指示符也允许读取,所以......
Does it matter? The only way you can ever use
getsis ifstdinis known to be attached to a file whose contents you have full control over. This condition is almost impossible to satisfy, especially on multiprocess systems where other processes may modify files asynchronously with respect to your program. Therefore, for all practical purposes, any program usinggetshas undefined behavior (i.e. there are possible inputs/environmental conditions for which it will have undefined behavior), and in particular UB which is likely to lead to privilege compromise if your program has higher privileges than the provider of the data.Edit: OK, here's one safe use of
gets, about the only one I can think of right off...Of course some buggy implementations (possibly including glibc..?) permit reads even when the EOF indicator is already set for a stream, so....
即使是因从库中删除 gets() 而被破坏的代码,在删除之后,也会比删除之前更少被破坏。我认为编译器供应商可能有必要将其包含在“完全标准兼容”模式中,但是可以安全使用它的情况数量非常小,因此将其从“正常”模式中排除可能是合理的。 “ 建造。
Even code which would be broken by the removal of gets() from the library would, after such removal, be less broken than it was before such removal. I suppose it might be necessary for compiler vendors to include it in a "fully-standard compliant" mode, but the number of circumstances where it could safely be used is so vanishingly small that it would probably be reasonable to exclude it from a "normal" build.
C++11 全面实现还需要一段时间。
此外,大多数编译器甚至还没有完全支持 C99。
例如,微软就没有。
所以不,它在 C 和 C++ 中都没有被弃用。
It's going to be a while until C++11 is implemented everywhere.
Also, most compilers doesn't even fully support C99 yet.
Microsoft's, for instance, does not.
So no, it's not deprecated in both C and C++.
嗯,它已从 C11 标准中完全删除,所以我认为这是肯定的。
Well it was removed altogether from the C11 standard, so I'd take that as a yes.