Vultr DocsLatest Content

C++ cstdio gets() - Read String From Stdin

Updated on 15 May, 2025
gets() header image

Introduction

The gets() function in C++ is a standard library function housed within the <cstdio> header, primarily used for reading strings from standard input (stdin). It captures an entire line from stdin, up to but not including the newline character, and stores it into a buffer provided by the user. Despite its ability to read input from stdin in C++, gets() has been deprecated due to safety concerns, primarily buffer overflow vulnerabilities.

In this article, you will learn how to use the gets() function to read input strings from the user in C++. Explore how gets() operates, its associated risks, and alternatives that can be used to achieve similar functionality safely.

Understanding gets() in C++ for Reading Strings from Stdin

Basic Usage of gets()

  1. Include the <cstdio> header in your C++ program.

  2. Declare a buffer to store the input string from stdin.

  3. Use the gets() function to read the input from stdin.

    cpp 
    #include <cstdio>

int main() {
    char str[100];
    printf("Enter a string: ");
    gets(str);
    printf("You entered: %s\n", str);
    return 0;
}

    This code snippet sets up a buffer str capable of holding up to 99 characters (allowing space for the null terminator). The gets() function reads a line of text from the user and stores it in this buffer.

The Risks of Using gets() in C++ for Reading Input from Stdin

  1. Realize that gets() does not perform bounds checking.

  2. Recognize the risk of buffer overflow in C++, which can lead to security vulnerabilities.

    When using gets(), if the input exceeds the buffer size, it can overwrite adjacent memory areas, causing program crashes or security exploits. That’s why it’s discouraged in modern C++ programs to read input from stdin.

Safe Alternatives to gets() to Read Strings from Stdin in C++

Using fgets() for Safer Input

  1. Use fgets() to read strings from stdin safely in C/C++ with buffer size limitation.

  2. Specify the buffer, the maximum size, and the stdin stream as arguments to fgets().

    cpp 
    #include <cstdio>

int main() {
    char str[100];
    printf("Enter a string: ");
    fgets(str, sizeof(str), stdin);
    printf("You entered: %s", str);  // `fgets()` includes the newline character in the buffer
    return 0;
}

    Here, fgets() reads up to 99 characters and includes safety for preventing buffer overflow. Note that fgets() keeps the newline character if it reads it before reaching the buffer limit.

Using C++ Strings for Dynamic Handling

  1. Utilize C++ std::string and std::getline() for dynamic input handling.

  2. Include the <iostream> and <string> headers for this purpose.

    cpp 
    #include <iostream>
#include <string>

int main() {
    std::string input;
    std::cout << "Enter a string: ";
    std::getline(std::cin, input);
    std::cout << "You entered: " << input << std::endl;
    return 0;
}

    This approach uses C++ standard library features, providing more flexibility and safety compared to gets() or even fgets(). It’s especially useful when reading strings, lines, or matrices from stdin in C++.

Conclusion

While the gets() function in C++ offers a straightforward method to read strings from stdin, its usage is strongly discouraged due to the inherent risks of buffer overflow. Explore and utilize safer alternatives like fgets() and C++ strings with std::getline() for robust and secure input handling in your applications. By adhering to these safer practices, you ensure that your applications remain robust, secure, and maintainable.

Related Content
C++ cstdio fgets() - Read String from Stream
27 September, 2024
Article
C Program to Find the Frequency of Characters in a String
11 December, 2024
Article
C++ cstdio freopen() - Reopen Stream File
27 September, 2024
Article
C Program to Read the First Line From a File
04 December, 2024
Article

Comments

No comments yet.