/prog/ - [C]: printf / scanf functions are evil

Name: Anonymous 2009-10-19 20:47

I'm just starting to learn C and the first exercise made in class was to make a program that prints the sum of two integers.

This program:



#include <stdio.h>

#include <stdlib.h>

int main (void) {

  int n1,n2;

  printf("1st int: ");

  scanf("%d",&n1);

  printf("2nd int: ");

  scanf("%d",&n2);

  printf("Sum = %d\n",n1+n2);

  return EXIT_SUCCESS;

}

I showed it to some of my older classmates and went batshit insane with it saying: DO NOT USE PRINTF AND SCANF, THEY ARE NOT FUCKING SAME and other stuff.

Will someone please input on this matter?
Thank you!

Name: OP 2009-10-19 20:53

>>1

s/SAME/SAFE/

Sorry!

Name: Anonymous 2009-10-19 20:53

I think YOU SHOULD READ SICP, it's a book. Here's the URL:
http://mitpress.mit.edu/sicp/

Thank you!

Name: Anonymous 2009-10-19 20:57

Input output stream has producer/consumer problems basicly. Sometimes you dont know what the fuck you are gonna get.

Use putchar or getchar

Name: Anonymous 2009-10-19 20:58

>>4
Producer what?

Name: Anonymous 2009-10-19 21:03

he's an idiot.
printf() is perfectly safe, as long as you don't do anything stupid.
i don't use scanf(), so i can't really comment on that though.

Name: Anonymous 2009-10-19 21:06

printf is safe as long as you don't let the user control the format string, otherwise it's exploitable.

Name: Anonymous 2009-10-19 21:39

printf and scanf are safe if you use them right.

Name: Anonymous 2009-10-19 22:05

Ignore them, they're of the BAWWWWWW IT'S UNSAFE BECAUSE I'M TOO MUCH OF AN IDIOT TO USE THEM PROPERLY type.

Name: Anonymous 2009-10-19 22:11

scanf is fine for quick hacks, but never, ever use it without checking its return value.

Name: Anonymous 2009-10-19 22:16

>>10
I think that's true for all input, whether you are checking it explicitly or inside the function call.

Name: Anonymous 2009-10-19 22:50

Only a moron would use printf() in an unsafe way.

Just tell them to stay away from the C programming language because it isn't for them. Tell them to use Python or something.

Name: Anonymous 2009-10-19 23:52

printf is fine, tell your friends to stop being idiots.
scanf isn't unsafe (as long as you wrap it in some error recovery code), but it's basically worthless for actual input. Use readline or fgets, then sscanf the result or parse it yourself.

Name: Anonymous 2009-10-20 1:34

>>9
that

>>13
scanf isn't unsafe
scanf isn't unsafe; format specifiers may be.

Name: Anonymous 2009-10-20 2:27

Guns are safe, its the bullets that re dangerous.

Name: Anonymous 2009-10-20 2:49

>>15
I'M PISTOL WHIPPING YOU. WHAT NOW, BIYATCH?!

Name: Anonymous 2009-10-20 2:50

>>16
One leg kick to the nuts.

Name: Anonymous 2009-10-20 2:59

>>17
Explicit write to EIP.

Name: Anonymous 2009-10-20 4:20

call get_>>15

's_thread

mov [eax + thread.eip], 0xBA115

Name: OP 2009-10-20 5:49

OP here.

Thanks for the replies, guys.

So... is my code okay? Or it could be improved?

Thanks!

Name: Anonymous 2009-10-20 5:52



push new_ip

ret

Name: Anonymous 2009-10-20 6:14

>>20
in general use puts() instead of printf() when all you're doing is outputting a string. it's a lot more efficient.

Name: Anonymous 2009-10-20 6:17

>>22
or write()

Name: Anonymous 2009-10-20 6:23

>>22
gcc even replaces printf("...") with puts("...")

Name: Anonymous 2009-10-20 6:26

>>24
really?
that's awesome

Name: Anonymous 2009-10-20 6:26

>>24
But replacing printf("%s\n") with puts("%s\n") will result in correct behaviour?!

Name: Anonymous 2009-10-20 6:29

>>26
You are free to try. Your program is broken anyway, you can't blame gcc for making it do something else and not what you never intended to do.

Name: Anonymous 2009-10-20 6:43

>>26
i think what >>24kun meant to say is : it replaces printf() with puts() when you specify only a string without formating arguments .

besides string handling in C is generaly shit , dont use C if you can use a highlevel language for string operations .

Name: Anonymous 2009-10-20 7:55

besides string handling in C is generaly shit ,
Is that your way of saying "I don't understand programming"?

Name: Anonymous 2009-10-20 8:00

>>29
String handling in C is like using club as a weapon. Its not that effective, but you can upgrade it or sharpen it with tools. It will remain a club though, while your neighbors sport Ak-47 and uzi's.
However when civilization is done, the resources are scarce and there is nothing much left, the club is best tool for the job.

Name: Anonymous 2009-10-20 8:03

>>29
As someone who loves C, I've got to say that string handling in C is painful at best.
However, that doesn't stop me from doing stupid things like trying to write a regex engine in it.

Name: Anonymous 2009-10-20 8:10

>>31
It would be much improved if C had length-prefixed strings

Name: Anonymous 2009-10-20 8:14

>>32
Just write a struct to do it, or use a real string library it's not as if there is a shortage of them

Name: Anonymous 2009-10-20 8:20

The all-new LISP from Microsuss inc. will blow your socks ^{o^{f^{f^!}}}

Name: Anonymous 2009-10-20 8:20

>>32
Thati s such a good troll! I always rage reading this bullshit

Name: Anonymous 2009-10-20 8:24

>>19
Which memory addressing mode is this?

Name: Anonymous 2009-10-20 9:04

Im looking for a print function, it cant be printufu (thats japanese for printf) or any stdio function. It has to be of 2 or more parameteru (thats japanese for 2 parameters) and has be be chibi (small) sized. And has to be really kawaii (cute). Also It has to be about 10-20 bux. And you have to post documentation of it first (i want to make shure it's kawaii [cute]). And it would be nice if it came with matching input reading (WITH error handling). OH! and it CANNOT have any complicated syntax, or be made out of C. It has to be made of C++, or something like that. Also it would be nice if it was made in japan. and not in china or corea (korea) or whatever. I have found a function similar to the one im describing in sourceforge, but it was 1 parameteru, and i dont want my formatou (formatting) to touch my other things (it can get mixed up and i would not like that, plus 2 paraneters looks more kawaii)

Name: Anonymous 2009-10-20 9:09

>>37
KOREA HAS THE BEST PROGRAMMERS.
Why would you want Japanese pigdogs to do it?
Damn stupid weeaboos! Koreaboos are much smarter and better looking!!!!!

Name: Anonymous 2009-10-20 9:19

>>35
Admit it, the length prefix was cumbersome only in days where every byte was counted. Today, RAM is especially cheap.

Name: Anonymous 2009-10-20 9:29

>>38
Shut up, you .... KOREABOO

[C]: printf / scanf functions are evil

1 Name: Anonymous 2009-10-19 20:47

2 Name: OP 2009-10-19 20:53

3 Name: Anonymous 2009-10-19 20:53

4 Name: Anonymous 2009-10-19 20:57

5 Name: Anonymous 2009-10-19 20:58

6 Name: Anonymous 2009-10-19 21:03

7 Name: Anonymous 2009-10-19 21:06

8 Name: Anonymous 2009-10-19 21:39

9 Name: Anonymous 2009-10-19 22:05

10 Name: Anonymous 2009-10-19 22:11

11 Name: Anonymous 2009-10-19 22:16

12 Name: Anonymous 2009-10-19 22:50

13 Name: Anonymous 2009-10-19 23:52

14 Name: Anonymous 2009-10-20 1:34

15 Name: Anonymous 2009-10-20 2:27

16 Name: Anonymous 2009-10-20 2:49

17 Name: Anonymous 2009-10-20 2:50

18 Name: Anonymous 2009-10-20 2:59

19 Name: Anonymous 2009-10-20 4:20

20 Name: OP 2009-10-20 5:49

21 Name: Anonymous 2009-10-20 5:52

22 Name: Anonymous 2009-10-20 6:14

23 Name: Anonymous 2009-10-20 6:17

24 Name: Anonymous 2009-10-20 6:23

25 Name: Anonymous 2009-10-20 6:26

26 Name: Anonymous 2009-10-20 6:26

27 Name: Anonymous 2009-10-20 6:29

28 Name: Anonymous 2009-10-20 6:43

29 Name: Anonymous 2009-10-20 7:55

30 Name: Anonymous 2009-10-20 8:00

31 Name: Anonymous 2009-10-20 8:03

32 Name: Anonymous 2009-10-20 8:10

33 Name: Anonymous 2009-10-20 8:14

34 Name: Anonymous 2009-10-20 8:20

35 Name: Anonymous 2009-10-20 8:20

36 Name: Anonymous 2009-10-20 8:24

37 Name: Anonymous 2009-10-20 9:04

38 Name: Anonymous 2009-10-20 9:09

39 Name: Anonymous 2009-10-20 9:19

40 Name: Anonymous 2009-10-20 9:29

Name: Anonymous 2009-10-19 20:47

Name: OP 2009-10-19 20:53

Name: Anonymous 2009-10-19 20:53

Name: Anonymous 2009-10-19 20:57

Name: Anonymous 2009-10-19 20:58

Name: Anonymous 2009-10-19 21:03

Name: Anonymous 2009-10-19 21:06

Name: Anonymous 2009-10-19 21:39

Name: Anonymous 2009-10-19 22:05

Name: Anonymous 2009-10-19 22:11

Name: Anonymous 2009-10-19 22:16

Name: Anonymous 2009-10-19 22:50

Name: Anonymous 2009-10-19 23:52

Name: Anonymous 2009-10-20 1:34

Name: Anonymous 2009-10-20 2:27

Name: Anonymous 2009-10-20 2:49

Name: Anonymous 2009-10-20 2:50

Name: Anonymous 2009-10-20 2:59

Name: Anonymous 2009-10-20 4:20

Name: OP 2009-10-20 5:49

Name: Anonymous 2009-10-20 5:52

Name: Anonymous 2009-10-20 6:14

Name: Anonymous 2009-10-20 6:17

Name: Anonymous 2009-10-20 6:23

Name: Anonymous 2009-10-20 6:26

Name: Anonymous 2009-10-20 6:26

Name: Anonymous 2009-10-20 6:29

Name: Anonymous 2009-10-20 6:43

Name: Anonymous 2009-10-20 7:55

Name: Anonymous 2009-10-20 8:00

Name: Anonymous 2009-10-20 8:03

Name: Anonymous 2009-10-20 8:10

Name: Anonymous 2009-10-20 8:14

Name: Anonymous 2009-10-20 8:20

Name: Anonymous 2009-10-20 8:20

Name: Anonymous 2009-10-20 8:24

Name: Anonymous 2009-10-20 9:04

Name: Anonymous 2009-10-20 9:09

Name: Anonymous 2009-10-20 9:19

Name: Anonymous 2009-10-20 9:29