C language string problem

3 comments, last by thedustbustr 16 years, 4 months ago
Hi, I have a problem with scanf on a string. For example, I want to type the student name 'kenneth Smith', but only 'kenneth' is stored into "stud_detail[x].student_name", and 'Smith' is stored into the next scanf variable, 'stud_detail[x].index_num'. Hope someone could help me.

    struct STUDENT_RECORD{
        char index_num[9],student_name[50],gender;
    };

------------A part of code------------------

    struct STUDENT_RECORD stud_detail[CLASS_SIZE];
    printf("Student %d \n", x+1);
    printf("Student Name :\t ");
    scanf("%s ",&stud_detail[x].student_name);
    printf("Index Number :\t ");
    scanf("%s ",&stud_detail[x].index_num);
    printf("Gender :\t ");
    scanf("%s ",&stud_detail[x].gender);
    printf("Grade of AACS1084 Programming Concepts & Design II :\t ");
    scanf("%s ", &exam[x][0].grade);
    printf("Grade of AACS1123 Principle of Information Systems :\t ");
    scanf("%s ", &exam[x][1].grade);

scanf breaks at the first blank character (space, tab, newline, etc.). You can use something like fgets to always read until the first newline (or the size of the buffer that you specify, whichever comes first).
Quote:Original post by Lajnold
scanf breaks at the first blank character (space, tab, newline, etc.). You can use something like fgets to always read until the first newline (or the size of the buffer that you specify, whichever comes first).


Hi, actually how do I use fgets? I got some info from the internet, but all of it is for files, and I just wish to use it like scanf. Can you show some example? Thanks a lot.
Quote:Original post by 123abcd1983
Hi, actually how do I use fgets? I got some info from the internet, but all of it is for files, and I just wish to use it like scanf. Can you show some example? Thanks a lot.


Just send stdin as the FILE pointer.

    printf("Student %d \n", x+1);
    printf("Student Name :\t ");
    fgets(stud_detail[x].student_name, 50, stdin);

Looks to me like scanf doesn't do bounds checking here, and I can walk all over your stack/instruction pointer with malicious input.

http://en.wikipedia.org/wiki/Scanf
Quote:Like printf, scanf is vulnerable to format string attacks. Great care should be taken to ensure that the formatting string includes limitations for string and array sizes. In most cases the input string size from a user is arbitrary, it can not be determined before the scanf function is executed. This means that uses of '%s' placeholders without length specifiers are inherently insecure and exploitable for buffer overflows. Another potential problem is to allow dynamic formatting strings, for example formatting strings stored in configuration files or other user controlled files. In this case the allowed input length of string sizes can not be specified unless the formatting string is checked beforehand and limitations are enforced. Related to this are additional or mismatched formatting placeholders which do not match the actual vararg list. These placeholders might be partially extracted from the stack, contain undesirable or even insecure pointers depending on the particular implementation of varargs.


this is better
Quote:
    printf("Student %d \n", x+1);
    printf("Student Name :\t ");
    fgets(stud_detail[x].student_name, 50, stdin);
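
An added example, not part of the thread or any poster's code: the fgets approach suggested above applied to all three fields of the struct from the first post, with over-long input detected and the rest of the line discarded so it cannot spill into the next field. The helper names read_field, read_student and sample_stream and the sample input values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Field sizes copied from the struct in the original post. */
struct STUDENT_RECORD { char index_num[9], student_name[50], gender; };

/* Hypothetical helper: read one line into dst[size]. Returns 0 if the whole
 * line fit, 1 if it was too long (excess discarded), -1 on EOF or error. */
int read_field(FILE *in, char *dst, size_t size)
{
    if (size < 2 || fgets(dst, (int)size, in) == NULL) return -1;
    size_t len = strcspn(dst, "\n");
    if (dst[len] == '\n') {            /* newline stored: line fit, strip it */
        dst[len] = '\0';
        return 0;
    }
    int c, too_long = 0;               /* no newline: drain rest of the line */
    while ((c = getc(in)) != '\n' && c != EOF)
        too_long = 1;
    return too_long;
}

/* Hypothetical helper: read name, index number and gender, one per line.
 * Returns 0 only when every field was present and fit its buffer. */
int read_student(FILE *in, struct STUDENT_RECORD *s)
{
    char g[3];                         /* room to notice a 2-letter answer */
    if (read_field(in, s->student_name, sizeof s->student_name) != 0) return -1;
    if (read_field(in, s->index_num, sizeof s->index_num) != 0) return -1;
    if (read_field(in, g, sizeof g) != 0 || g[0] == '\0' || g[1] != '\0') return -1;
    s->gender = g[0];                  /* gender is one char, never a string */
    return 0;
}

/* Constructed sample input, written to a temporary stream for the demo. */
FILE *sample_stream(const char *text)
{
    FILE *f = tmpfile();
    if (f) { fputs(text, f); rewind(f); }
    return f;
}

int main(void)
{
    struct STUDENT_RECORD s;
    FILE *in = sample_stream("kenneth Smith\n08ABC123\nM\n");
    if (in && read_student(in, &s) == 0)
        printf("%s | %s | %c\n", s.student_name, s.index_num, s.gender);
    return 0;
}
```

In the poster's program, pass stdin as the first argument of read_student in place of the temporary stream.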
