8 Replies - 8440 Views - Last Post: 13 August 2008 - 03:02 AM Rate Topic: -----

#1 LowWaterMark  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 119
  • Joined: 30-July 08

printf vs puts

Post icon  Posted 12 August 2008 - 05:03 AM

This is a C language question. Regarding the printing and retrieval of strings, I'm confused as to what situation is appropriate for the function pair:

printf()
scanf()

as opposed to:
puts()
gets()

This post has been edited by LowWaterMatk: 12 August 2008 - 05:06 AM

Is This A Good Question/Topic? 0
  • +

Replies To: printf vs puts

#2 joske  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 43
  • View blog
  • Posts: 297
  • Joined: 04-September 07

Re: printf vs puts

Posted 12 August 2008 - 07:11 AM

puts: outputs a string (and automatically add a line feed character)
printf: outputs formatted data.

fets: Reads characters from input and stores them into a string until a newline character ('\n') or '\0' is reached.
scanf: Reads formatted data from the input (can be a string, float, integer, or whatever).

So, gets and puts are for basic reading and writing of strings, and scanf and printf are more advanced and can read/write formatted data.
Was This Post Helpful? 0
  • +
  • -

#3 Tom9729  Icon User is offline

  • Segmentation fault
  • member icon

Reputation: 180
  • View blog
  • Posts: 2,641
  • Joined: 30-December 07

Re: printf vs puts

Posted 12 August 2008 - 07:39 AM

puts() is great for quick debug messages but it has a few limitations, mainly that you can't specify variables to print and it always adds a newline.

I don't use the other functions so I couldn't tell you how they work. :)

Edit:
int a = 5, b = 6;

// this will print:
// a=5, b=6
printf("a=%d, b=%d\n", a, b );

// this will print:
// hello!
puts("hello!");


This post has been edited by Tom9729: 12 August 2008 - 07:42 AM

Was This Post Helpful? 0
  • +
  • -

#4 LowWaterMark  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 119
  • Joined: 30-July 08

Re: printf vs puts

Posted 12 August 2008 - 10:17 AM

Got it! Thanks people.

Analogous to defining the int vs the float number variable, the sole advantage of the puts() and gets() functions is their economy of size. Yes? Like defining int if you can get away with it. "Save a penny, earn a penny", as my grandmother used to say.
Was This Post Helpful? 0
  • +
  • -

#5 Tom9729  Icon User is offline

  • Segmentation fault
  • member icon

Reputation: 180
  • View blog
  • Posts: 2,641
  • Joined: 30-December 07

Re: printf vs puts

Posted 12 August 2008 - 10:26 AM

I just use puts() when I can because it's slightly faster to type. Maybe it runs faster than printf(), but I doubt you would ever notice a performance difference in a real world application.

Integers on most systems certainly take up less memory than floating points, but that's not usually the reason you would choose one of them over the other in my opinion.

You can't increment a floating point, floating point math is slower than integer math, you can't use floating points as array indices, etc.

Use integers when they make sense, use floating points when they're necessary. F.ex. if you're counting people you hopefully wouldn't ever have half a person, so using floating points wouldn't make sense in that situation. If you're doing any kind of work with raster graphics, using floating points wouldn't make sense because you can't ever have less than a whole pixel. If you're doing scientific work you probably would want to use floating points though to preserve accuracy. Pi as an integer is just 3. :)

This post has been edited by Tom9729: 12 August 2008 - 10:27 AM

Was This Post Helpful? 0
  • +
  • -

#6 NickDMax  Icon User is offline

  • Can grep dead trees!
  • member icon

Reputation: 2250
  • View blog
  • Posts: 9,245
  • Joined: 18-February 07

Re: printf vs puts

Posted 12 August 2008 - 01:48 PM

There is a security concern that makes it better to call puts() over printf() if you don't need the formatting function.

Don't do this:
printf(someStr); either use this: printf("%s", someStr) or use puts().

I have also seen people say don't use printf("Static String");

The concern has to do with using a HEX editor to change "Static String\n" into something like "%sactic String" -- which would more than likely crash the program. However, I am not sure this would work, and I if it does, what is to stop the Hax0r (for it must be a Hax0r) from editing any valid format string?

gets() has a similar fault in that you can't control the size of the input. The user can cause your program to crash by holding his figure on a key an causing a buffer overrun.

Rather than use gets() you should use fgets() since you can specify a size of the buffer. fgets(buffer, length, stdin);

Google books has "Hacking Exposed" which has a nice chapter on this kind of stuff.
Was This Post Helpful? 0
  • +
  • -

#7 Tom9729  Icon User is offline

  • Segmentation fault
  • member icon

Reputation: 180
  • View blog
  • Posts: 2,641
  • Joined: 30-December 07

Re: printf vs puts

Posted 12 August 2008 - 02:01 PM

View PostNickDMax, on 12 Aug, 2008 - 04:48 PM, said:

There is a security concern that makes it better to call puts() over printf() if you don't need the formatting function.

Don't do this:
printf(someStr); either use this: printf("%s", someStr) or use puts().

I have also seen people say don't use printf("Static String");

The concern has to do with using a HEX editor to change "Static String\n" into something like "%sactic String" -- which would more than likely crash the program. However, I am not sure this would work, and I if it does, what is to stop the Hax0r (for it must be a Hax0r) from editing any valid format string?

gets() has a similar fault in that you can't control the size of the input. The user can cause your program to crash by holding his figure on a key an causing a buffer overrun

I don't see how someone being able to open up the executable with a hex editor to change things would be considered a security vulnerability. If they could do that, couldn't they just replace it with EvilTrojanVirus.exe?

I do agree that buffer overruns are bad news though. :ph34r:

This post has been edited by Tom9729: 12 August 2008 - 02:03 PM

Was This Post Helpful? 0
  • +
  • -

#8 NickDMax  Icon User is offline

  • Can grep dead trees!
  • member icon

Reputation: 2250
  • View blog
  • Posts: 9,245
  • Joined: 18-February 07

Re: printf vs puts

Posted 12 August 2008 - 02:18 PM

Yea I have never quite agreed with that either. Not all H4x0rs are sophisticated enough to actually replace the code so they may just look for stings (I used to replace strings all the time :) Liked to change "Help" to "Hell" and what not... I outgrew that... mostly).

But if your worried about HEX editors there are lots of things that can be done to crash a program (just randomly replace bytes). I mentioned it because it popped into my head as I was typing...

but the first concern: printf(somestr) is bad if "somestr" is input by the user, because then they can just type in some format string... no hex editor needed to crash your program.

This post has been edited by NickDMax: 12 August 2008 - 02:19 PM

Was This Post Helpful? 0
  • +
  • -

#9 LowWaterMark  Icon User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 119
  • Joined: 30-July 08

Re: printf vs puts

Posted 13 August 2008 - 03:02 AM

Nevertheless, I had never considered the security side of my question. Thanks. It gives me something else to think about and that inches me closer to understanding the language's big picture.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1