About sscanf() and sscanf_s()

Forum

Forum
Beginners
About sscanf() and sscanf_s()

About sscanf() and sscanf_s()

Hi, I am a C++ begginer.I got some questions here.
I write something like this in VC 2010:

#include <stdlib.h>
#include <string>
#include <iostream>
using namespace std;
int main ()
{
	string date;
	cout<<"Input the Date(YY-MM-DD):";
	cin>>date;
	int year,month,day;
	sscanf (date.c_str(),"%d-%d-%d",&year,&month,&day);
	if(year>1900&&year<2012&&month>0&&month<13&&day>0&&day<32)
		cout<<year<<'.'<<month<<'.'<<day<<endl;
	else cout<<"error"<<endl;
	return 0;
}

when i build it, the VC gives a warning:

warning C4996: 'sscanf': This function or variable may be unsafe. Consider using sscanf_s instead.

so i follow the instruction to use sscanf_s().
but when i build this program in the eclipse cdt with MinGW c++,
it cannot find the function sscanf_s().
then i google this problem and find that the sscanf_s() is something MS added to C++(right?)
and i find that the difference between these two function may be something to do with the buffer size when using %s or %c as format type.

my question is:
1.Is it neccessary to change sscanf() to sscanf_s() when i just using %d as format type, just like my code here?
2.When i use eclipse, it means i can only use sscanf(),right? Is it really unsafe or not good to use this function?

Thanks.

PS:sorry for my poor english.

Last edited on

matsom (288)

1.Is it neccessary to change sscanf() to sscanf_s() when i just using %d as format type, just like my code here?

No, understand the warning and find out how sscanf() (or scanf() etc.) can hurt your apps. sscanf_s() is a microsoft hack(?) and should affect the portability of your code (as you yourself have found out).
IMHO you shouldn't also mix and match old C-strings functions with newer (and safer and better) string type

2.When i use eclipse, it means i can only use sscanf(),right?

Depends on what compiler Eclipse is using

cagen (3)

Thank you for your answer, matsom.

IMHO you shouldn't also mix and match old C-strings functions with newer (and safer and better) string type

And thank you for your suggestion.
i am not familiar with C-strings thing.is it something like "char * str "or "char str[512]"?
i use string type just because i think it is more convenient than C-strings.
but i cannot find a function just like sscanf() in string type.
then should i use old C-strings just for matching the function
or write a new function myself (i really have no idea how to write function like that)?
Any more suggestion?

Thanks a lot.

matsom (288)

You can consider using <sstream>/stringstream (#include <sstream> ) refs:
http://www.cplusplus.com/reference/iostream/stringstream/stringstream/
http://www.cplusplus.com/reference/iostream/stringstream/
even istream/ostream can be useful:
http://www.cplusplus.com/reference/iostream/istream/
http://www.cplusplus.com/reference/iostream/ostream/

n.b these too causes my head to explode, but ultimately it's as intuitive as good 'ol scanf()/sscanf()/printf()

i am not familiar with C-strings thing.is it something like "char * str "or "char str[512]"?

Yes, some authors/teachers use the term to distinguish between the old char* str, char str[512] with the new string class and objects

cagen (3)

Thank you!
It seems a huge task to learn these stuff :-D

Topic archived. No new replies allowed.