

Tip of the Day
Language: C++
Expertise: Beginner
Jul 28, 2000

Use a String Object to Read Input Safely

A common source of bugs and security risks is the use of a fixed-size char array as a buffer for reading input. For example:

 
char buff[20];
cout << "enter your name: ";
cin >> buff; // what if user inserts 25 characters?

The problem is that if the user enters a string that has more than 19 characters, a buffer overflow will occur, as the program attempts to write past the end of the array. To avoid such potential bugs, always use a string object instead of a char array:

 
string buff;
cout << "enter your name: ";
cin >> buff; 

A string object automatically allocates memory as necessary. Therefore, a buffer overflow can't happen in this case.

Danny Kalev
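The following is an added example, not part of the original tip. It reads the tip's 25-character case from a constructed in-memory stream, first into a width-bounded 20-byte array and then into a string with an application length limit. The helper names `read_word_bounded` and `read_name` and the `max_len` limit are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iomanip>
#include <iostream>
#include <sstream>
#include <string>

// Legacy fixed buffer, made safe: with the stream width set to N, operator>>
// stores at most N-1 characters plus '\0' and leaves the rest in the stream.
template <std::size_t N>
bool read_word_bounded(std::istream& in, char (&buf)[N]) {
    in >> std::setw(static_cast<int>(N)) >> buf;
    return !in.fail();
}

// Preferred: std::string grows as needed, so no overflow is possible.
// max_len is an assumed application limit; setw(max_len + 1) stops the
// extraction after max_len + 1 characters, so an oversized token is
// detected without reading all of it into memory.
bool read_name(std::istream& in, std::string& out, std::size_t max_len) {
    std::string word;
    in >> std::setw(static_cast<int>(max_len + 1)) >> word;
    if (in.fail() || word.size() > max_len) return false;
    out = word;
    return true;
}

int main() {
    // Constructed sample input: one 25-character token.
    const std::string sample = "ABCDEFGHIJKLMNOPQRSTUVWXY";

    std::istringstream a(sample);
    char buff[20];
    if (read_word_bounded(a, buff))
        std::cout << "array (truncated to 19): " << buff << '\n';

    std::istringstream b(sample);
    std::string name;
    if (read_name(b, name, 64))
        std::cout << "string (" << name.size() << " chars): " << name << '\n';

    std::istringstream c(sample);
    if (!read_name(c, name, 19))
        std::cout << "rejected: longer than 19 characters\n";
    return 0;
}
```

The bounded array read truncates silently and leaves the remaining characters in the stream for the next extraction, which is one more reason to prefer the string version.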
 