Tip of the Day
Language: C++
Expertise: Beginner
Jul 28, 2000


Use a String Object to Read Input Safely

One of the common sources of bugs and security risks is using a fixed-size char array as a buffer for reading input. For example:

 
char buff[20];
cout << "enter your name: ";
cin >> buff; // what if the user enters 25 characters?

The problem is that if the user enters a string that has more than 19 characters, a buffer overflow will occur, as the program attempts to write past the end of the array. To avoid such potential bugs, always use a string object instead of a char array:

 
string buff;
cout << "enter your name: ";
cin >> buff;

A string object automatically allocates memory as necessary. Therefore, a buffer overflow can't happen in this case.
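The following is an added example, not part of the original tip. It reads into a string as recommended and then applies a length limit, since a string grows with whatever the user sends and is bounded only by available memory; it also shows `setw()` capping the read when a fixed array cannot be avoided. The names `read_name`, `read_name_fixed` and `kMaxNameLen` and the limit of 64 are assumptions made for this example.

```cpp
#include <cstddef>
#include <iomanip>
#include <iostream>
#include <sstream>
#include <string>

// Hypothetical policy limit for this example; the tip itself sets none.
constexpr std::size_t kMaxNameLen = 64;

// Reads one whitespace-delimited token into a std::string, then enforces
// the length policy. Returns false on stream failure or over-long input;
// out is left empty in that case.
bool read_name(std::istream& in, std::string& out) {
    out.clear();
    std::string token;
    if (!(in >> token)) return false;
    if (token.size() > kMaxNameLen) return false;
    out = token;
    return true;
}

// If a fixed array is unavoidable, setw() caps the extraction at
// width - 1 characters plus the terminating '\0'. Excess input stays
// in the stream for the next read.
std::string read_name_fixed(std::istream& in) {
    char buff[20];
    buff[0] = '\0';
    in >> std::setw(sizeof buff) >> buff;
    return std::string(buff);
}

int main() {
    // Constructed input: a 25-character token, longer than the 20-byte array.
    std::istringstream fixed_in(std::string(25, 'x'));
    std::cout << "fixed array kept " << read_name_fixed(fixed_in).size()
              << " characters\n";

    std::istringstream str_in(std::string(25, 'x'));
    std::string name;
    std::cout << "string read: "
              << (read_name(str_in, name) ? name : "rejected") << '\n';
}
```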

Danny Kalev
 