> Remember that since 1989, no actions were taken to improve its security. Techn... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rdpintqogeogsaa 10 months ago \| parent \| context \| favorite \| on: Rethinking the C Time API > Remember that since 1989, no actions were taken to improve its security. Technically, gets() was removed from the standard library in C11[0]. However, that is far from a semantically meaningful overhaul of the standard library. I nonetheless felt the need to point out that there was a very specific effort for the sake of completeness. [0] https://en.cppreference.com/w/c/io/gets

pjmlp 10 months ago [–]

Which is great, except for all those stubborn folks not using anything beyond C99, and scanf and fgets are still possible attack vectors, when getting sizes wrong.

ctoshiningc 10 months ago | [–]

Have you tried talking to them?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact