Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Lapse571yI think it's ok the way it is, because it's teaching the basics to beginner developers, so even if it isn't safe or perfect as long as it teaches them variables and scanf it's fine by me. Making a "better" version would probably result in more complicated code that beginners wouldn't understand and just copy-paste
@Lapse I guess to a degree but why teach scanf in the first place? It's litterally unsafe to use all of the time. And how much harder is printf("%s", name) ? They won't ever write format string vulnerabilities if they are never exposed to it. Honestly if an entire generation of programmers thinks that you MUST pass a hardcoded format string, I really don't think it will become much of an issue.
@AVGVSTVS honestly it's been far too long since I've written real C code so it may be a bit inacurrate.
If you are confused why I left out the "%s" (which is what I interpreted from your response), this is a real thing junior devs are taught, it does compile properly, it interprets the user input as a format string, and is the source of an entire class of very dangerous bugs. My point is we should stop teaching it.
Which makes me want to do more C now. I should. But my life recently has been a lot of python and x86.
++ for cool idea. I have no idea how to help
Your Job Suck?
Take a quick quiz from Triplebyte to skip the job search hassles and jump to final interviews at hot tech firms
Get a Better Job