[C language] About solving the bug problem caused by malicious input/invalid input in the scanf function call and the automatic solution analysis of the code
In the past, when characters were entered, scanf("%c") was always "unable" to input because there was input in front, and even limited getchar() could not avoid it. For this reason, a method using scanf() and getchar was designed. () function properties to solve input failure or input bug/unsightly solution
Enter the code here:
#include <stdio.h>
int FormatInput(char opt);
int FormatInput(char opt)
{
while (1)
{
if (opt == 'Y' || opt == 'N')
{
if(opt == 'Y')
{
return 1;
break;
}
else
{
printf("\n\n\n\n\n\n");
return 0;
break;
}
}
else
{
while(getchar() != 10);// delete meaningless strings
printf ("\n=============================\n INVALID DATA ! \n=============================\n");
printf("Enter valid data (Y or N) to make your choice.\n");
printf("\nYour choice:");
scanf("%c",&opt);
}
}
}
int main (void)
{
int num1,num2,num3;
double average;
int i,j,k;
int check;
char opt;
printf("(Enter any character to start.)");
/* get the input data and provide chances to check and reenter data*/
do
{
i=j=k=0;
while(i == 0)
{
while(getchar() != 10);
printf("Enter 1st integer numbers: ");
i = scanf("%d",&num1);
while(getchar() != 10);
if(i == 0) printf ("\n=============================\n INVALID DATA ! \n=============================\n\n");
else
{
printf("%c",7);// prompt sound rings when enter finished
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nThe 1st number is %d.\n",num1);
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\n\n\n");
}
}
while(j == 0)
{
while(getchar() != 10);
printf("Enter 2nd integer numbers: ");
j = scanf("%d",&num2);
if (j == 0) printf ("\n=============================\n INVALID DATA ! \n=============================\n\n");
else
{
printf("%c",7);// prompt sound rings when enter finished
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nThe 2nd number is %d.\n",num2);
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\n\n\n");
}
}
while(k == 0)
{
while(getchar() != 10);
printf("Enter 3rd integer numbers: ");
k = scanf("%d",&num3);
if (k == 0) printf ("\n=============================\n INVALID DATA ! \n=============================\n\n");
else
{
printf("%c",7);// prompt sound rings when enter finished
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nThe 3rd number is %d.\n",num3);
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\n\n\n");
}
}
while(getchar() != 10);// delete meaningless strings
//getchar();//delete \n
printf("%c",7);// prompt sound rings when enter finished
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nThe 1st number is %d.\nThe 2nd number is %d.\nThe 3rd number is %d.\n",num1, num2, num3);
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nAre these numbers what you need?");
printf("(Y or N)\n");
printf("\nYour choice:");
scanf("%c",&opt);
check=FormatInput(opt);
}while (check == 0);
printf("\n\n=========== Data enter finished! ===========\n\n");
printf("%c",7);
/* calculate the average */
average = (num1 + num2 + num3) / 3.0;
/* display the result */
printf("\nThe average of %d, %d and %d is %f\n\n",num1, num2, num3, average);
while(getchar() != 10);
while(getchar() == 10);
getchar();
return 0;
}
The following is a detailed analysis of automation implementation
- The user maliciously/unintentionally enters all symbols except numbers when typing:
Letters and special characters: If it only contains scanf function input, additional input of letters and special characters will inevitably cause the program to exit directly, so scanf() is also an int function, which The return value is the number of successfully input data. You can first judgescanf("%d",&num1) ==1? , to prevent the program associated with input failure from terminating itself, and use while(getchar() != 10) to eliminate redundant characters.
Spaces, letters and special characters: Although spaces will not cause the program to exit, their overflow will also cause malicious input to subsequent input %c and limited getchar(). To avoid unknown bugs, use **while(getchar() != 10)** with getchar() to completely eliminate malicious input. At this time, you no longer have to worry about inputting Y/N due to random input in opportunistic places. A bug occurs when executing n times continuously and each time n illegal characters are entered, providing a good interactive experience
Note: getchar() is an int function and can return the ASCII code of the entered character, as long as If it is not 10 (the ASCII code of the newline character), continue getchar() to eliminate malicious overflow characters
while(i == 0)
{
while(getchar() != 10);
printf("Enter 1st integer numbers: ");
i = scanf("%d",&num1);
while(getchar() != 10);
if(i == 0) printf ("\n=============================\n INVALID DATA ! \n=============================\n\n");
else
{
printf("%c",7);// prompt sound rings when enter finished
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\nThe 1st number is %d.\n",num1);
printf("\n=========== Data has been successfully entered! ===========\n");
printf("\n\n\n");
}
}