Index: lib/libc/stdio/Makefile.inc =================================================================== --- lib/libc/stdio/Makefile.inc +++ lib/libc/stdio/Makefile.inc @@ -14,7 +14,7 @@ fputwc.c fputws.c fread.c freopen.c fscanf.c fseek.c fsetpos.c \ ftell.c funopen.c fvwrite.c fwalk.c fwide.c fwprintf.c fwscanf.c \ fwrite.c getc.c getchar.c getdelim.c getline.c \ - gets.c getw.c getwc.c getwchar.c makebuf.c mktemp.c \ + getw.c getwc.c getwchar.c makebuf.c mktemp.c \ open_memstream.c open_wmemstream.c \ perror.c printf.c printf-pos.c putc.c putchar.c \ puts.c putw.c putwc.c putwchar.c \ @@ -49,7 +49,7 @@ ferror.3 feof.3 ferror.3 feof_unlocked.3 \ ferror.3 fileno.3 ferror.3 fileno_unlocked.3 MLINKS+=fflush.3 fpurge.3 -MLINKS+=fgets.3 gets.3 +MLINKS+=fgets.3 MLINKS+=flockfile.3 ftrylockfile.3 flockfile.3 funlockfile.3 MLINKS+=fopen.3 fdopen.3 fopen.3 freopen.3 fopen.3 fmemopen.3 MLINKS+=fputs.3 puts.3 Index: lib/libc/stdio/Symbol.map =================================================================== --- lib/libc/stdio/Symbol.map +++ lib/libc/stdio/Symbol.map @@ -49,7 +49,6 @@ fwscanf; getc; getchar; - gets; getw; getwc; getwchar; Index: lib/libc/stdio/fgets.3 =================================================================== --- lib/libc/stdio/fgets.3 +++ lib/libc/stdio/fgets.3 @@ -36,8 +36,7 @@ .Dt FGETS 3 .Os .Sh NAME -.Nm fgets , -.Nm gets +.Nm fgets .Nd get a line from a stream .Sh LIBRARY .Lb libc @@ -45,8 +44,6 @@ .In stdio.h .Ft char * .Fn fgets "char * restrict str" "int size" "FILE * restrict stream" -.Ft char * -.Fn gets "char *str" .Sh DESCRIPTION The .Fn fgets @@ -67,38 +64,24 @@ The .Fn gets function -is equivalent to -.Fn fgets -with an infinite -.Fa size -and a -.Fa stream -of -.Dv stdin , -except that the newline character (if any) is not stored in the string. -It is the caller's responsibility to ensure that the input line, -if any, is sufficiently short to fit in the string. +was unsafe and is no longer available. .Sh RETURN VALUES Upon successful completion, .Fn fgets -and -.Fn gets -return +returns a pointer to the string. If end-of-file occurs before any characters are read, -they return +it returns .Dv NULL and the buffer contents remain unchanged. If an error occurs, -they return +it returns .Dv NULL and the buffer contents are indeterminate. The .Fn fgets -and -.Fn gets -functions -do not distinguish between end-of-file and error, and callers must use +function +does not distinguish between end-of-file and error, and callers must use .Xr feof 3 and .Xr ferror 3 @@ -121,13 +104,6 @@ .Xr read 2 , or .Xr malloc 3 . -.Pp -The function -.Fn gets -may also fail and set -.Va errno -for any of the errors specified for the routine -.Xr getchar 3 . .Sh SEE ALSO .Xr feof 3 , .Xr ferror 3 , @@ -135,22 +111,7 @@ .Xr fgetws 3 , .Xr getline 3 .Sh STANDARDS -The functions -.Fn fgets -and -.Fn gets -conform to -.St -isoC-99 . -.Sh SECURITY CONSIDERATIONS The -.Fn gets -function cannot be used securely. -Because of its lack of bounds checking, -and the inability for the calling program -to reliably determine the length of the next incoming line, -the use of this function enables malicious users -to arbitrarily change a running program's functionality through -a buffer overflow attack. -It is strongly suggested that the .Fn fgets -function be used in all cases. +function conforms to +.St -isoC-99 . Index: lib/libc/stdio/gets.c =================================================================== --- lib/libc/stdio/gets.c +++ /dev/null @@ -1,79 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Chris Torek. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)gets.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ -#include -__FBSDID("$FreeBSD$"); - -#include "namespace.h" -#include -#include -#include -#include "un-namespace.h" -#include "libc_private.h" -#include "local.h" - -__warn_references(gets, "warning: this program uses gets(), which is unsafe."); - -char * -gets(char *buf) -{ - int c; - char *s, *ret; - static int warned; - static const char w[] = - "warning: this program uses gets(), which is unsafe.\n"; - - FLOCKFILE_CANCELSAFE(stdin); - ORIENT(stdin, -1); - if (!warned) { - (void) _write(STDERR_FILENO, w, sizeof(w) - 1); - warned = 1; - } - for (s = buf; (c = __sgetc(stdin)) != '\n'; ) { - if (c == EOF) - if (s == buf) { - ret = NULL; - goto end; - } else - break; - else - *s++ = c; - } - *s = 0; - ret = buf; -end: - FUNLOCKFILE_CANCELSAFE(); - return (ret); -} Index: lib/libc/stdio/stdio.3 =================================================================== --- lib/libc/stdio/stdio.3 +++ lib/libc/stdio/stdio.3 @@ -279,7 +279,6 @@ .It "getchar get next character or word from input stream" .It "getdelim get a line from a stream" .It "getline get a line from a stream" -.It "gets get a line from a stream" .It "getw get next character or word from input stream" .It "getwc get next wide character from input stream" .It "getwchar get next wide character from input stream"