On The Removal of gets()

WG 14 Document numberN1420
Date2009-10-26
ProjectProgramming Language C
ReferenceISO/IEC IS 9899:1999
Reply toNick Stoughton
USENIX Association
[email protected]

Background

The gets function in the stdio.h section of the C standard has long been a source of programming errors and vulnerabilities. Many compilers issue a warning when it is used. In TC3, WG14 marked this function as obsolete.

This paper is intended to give editorial direction to the project editor to completely remove this function from the next revision of the standard.

Compiler and library vendors are free, as always, to extend the standard as they see fit and to continue to provide this function for legacy code. However, in almost every case, this function is so well known as a source of trouble that its use is now almost completely removed from "production" code, and limited only to test suites!

Specific Changes

Delete 7.20.7.7 completely.

Delete paragraph 2 of 7.29.9.