pointer and char array

Question

I am using gcc 4.9.2-10 deb8u1 compiler to compile Here is my code

 #include <stdio.h>
    int main(){
    char *s;
    char sa[10] , sb[10];
    scanf("%s", sa);
    printf("line\n");
    scanf("%s", sb);
    printf("%s   %s", sa, sb);
}

Above code is no any problem if char is under the space provided

However

    scanf("%s", s);
    printf("line\n");
    scanf("%s", sa);
    printf("%s   %s", s, sa);

Input: $: Hu

Result: line (null) Hu

Someone could told me what happen about second code wrong .? I cannot figure out why i cannt input second one .. Thx a lot .!

Please provide a **complete** code example, this means you should have a `main()` function. — Code-Apprentice, Apr 16 '18 at 15:57
You said "code is no any problem if char is under the space provided" - Are you suggesting longer inputs cuase the problem? — doctorlove, Apr 16 '18 at 15:58
I'm voting to close this as off-topic because it asks for help diagnosing incomplete fragments of code (and, as a bonus, because you maybe `scanf()`ing to an uninitialised pointer). — underscore_d, Apr 16 '18 at 15:59
https://stackoverflow.com/questions/14707427/taking-string-input-in-char-pointer#14707497 check out this — jasinth premkumar, Apr 16 '18 at 16:01
Possible duplicate of [Taking string input in char pointer](https://stackoverflow.com/questions/14707427/taking-string-input-in-char-pointer) — jasinth premkumar, Apr 16 '18 at 16:02
when calling any of the `scanf()` family of functions: 1) always check the returned value (not the parameter values) to assure the operation was successful. 2) when using the input format specifier '%s' and/or '%[...]' always include a MAX CHARACTERS modifier that is one less than the length of the input buffer. This is for two reasons; a) those specifiers always append a NUL byte to the input b) to avoid any chance of a buffer overflow — user3629249, Apr 16 '18 at 16:03
@user3629249 I would add: 3) Never use `scanf` for user input. — melpomene, Apr 16 '18 at 16:03
Hint: What is the value of pointer `s` when it is passed to `scanf("%s", s);`? — chux - Reinstate Monica, Apr 16 '18 at 16:04
regarding: `scanf("%s", s);` This is writing characters to where a uninitialized pointer is pointing. This (probably) will result in a seg fault event. Similar considerations exist for: `printf("%s %s", s, sa);` — user3629249, Apr 16 '18 at 16:05
@melpomene it is C. I place it in C++ catagory so that more notice it XD — szema, Apr 16 '18 at 16:10
@szema, DO NOT place into categories where it does not belong. C and C++ are two very different languages — user3629249, Apr 16 '18 at 16:16
@jasinthpremkumar thx a lost its helpful for its simple question ...! — szema, Apr 16 '18 at 16:19
@szema it is called "tag spamming" - using irrelevant tags "so that more notice it". — Weather Vane, Apr 16 '18 at 16:35

score 1 · Answer 1 · answered Apr 16 '18 at 16:03

In you code

char *s;
char sa[10] , sb[10];

you can't do much with s.

scanf("%s", sa);

is ok, provided the input fits. You can jump through a few hoops, reading the inputs in chunks in a loop if it might be longer (see here)

However, in you "However" section of the question you try

scanf("%s", s);

Since s doesn't point to memory - you'd need to have allocated some - you have undefined behaviour, so anything could happen.

Achal · Answer 2 · 2018-04-16T16:26:14.907

0

I cannot figure out why i cannt input second one ? because s is not initialize and not having any valid address & doing scanf() on that results in undefined behaviour.

First allocate the memory and then scan the user input.

int main() {
        char *s; /* its un initialized */
        s = malloc(size); /* this you  need to do ? specify the size value */
        fgets(s,size,stdin);/* its advisable as its not having overflow problem */
        printf("%s\n",s);
        /* once job is done , free it by calling free(s) */
        free(s);
        return 0;
}

Use fgets() instead of scanf() to scan the user input for the reason listed in comments.

edited Apr 16 '18 at 16:26

answered Apr 16 '18 at 16:04

Achal

11,821
2
15
37

And consider freeing it afterwards too – doctorlove Apr 16 '18 at 16:05
2

`scanf("%s",s);` has overflow problems like `gets()` as they do not limit intput. Both should be avoided. – chux - Reinstate Monica Apr 16 '18 at 16:05
limit can be specified in `size` part of `malloc()` , isn't it ? Then Op should use `fgets()` instead of `scanf()` – Achal Apr 16 '18 at 16:08
2

"limit can be specified in size part of malloc()" --> No. The size allocated with `malloc()` is not known to `scanf()` unless _somehow_ that information is passed to the function. Maybe by the format of `scanf()`. Better still, consider `fgets()`. – chux - Reinstate Monica Apr 16 '18 at 16:10
I got your point about `scanf()`. Are you suggesting we shouldn't use `scanf()` on malloc'ed memory ? whats the other way – Achal Apr 16 '18 at 16:12
1

"Are you suggesting we shouldn't use scanf() on malloc'ed memory ?" --> Using `scanf("%s")` on any memory is weak programing practice - regardless of the source of the memory. – chux - Reinstate Monica Apr 16 '18 at 16:14
So why there is a `scanf()` at first place at all, just asking !!. If _regardless of the source of the memory_ either statically allocated memory or dynamic memory. – Achal Apr 16 '18 at 16:18
One last point, So Its advisable and consider as good practice to use `fgets()` instead of `scanf()` on malloc'ed memory or even static array, correct If am wrong. – Achal Apr 16 '18 at 16:22
2

@achal It's good practice to never use `scanf`, especially not for user input. Most users are bad at producing perfectly formatted input. – melpomene Apr 16 '18 at 16:23
yes @melpomene got your point. Thanks. – Achal Apr 16 '18 at 16:25
1

'Why do insecure functions (still) exist?' Let's think about that for a few seconds! Usually it's because no one either thought or cared about security back in the Stone Age when C was first standardised, and although better things are available now, the old stuff is left around because everyone's paranoid about breaking backwards compatibility (sometimes to a quite excessive extent, if you ask me). – underscore_d Apr 16 '18 at 17:32
Rightly pointed @underscore_d I got your point. – Achal Apr 16 '18 at 17:51

pointer and char array

2 Answers2