为什么要在C ++中避免使用输入操作符(operator >>)?
[英]Why should you avoid input operator (operator>>) in C++?
问题描述
In this question the author of the accepted answer does not recommend the usage of the input operator, because: 
在这个问题中,接受答案的作者不建议使用输入操作符,因为:
operator>>is subject toiomanipstream manipulators and other "funny" stuff, so you can never be sure that it does what's advertised.operator>>受制于iomanip流操纵器和其他“有趣”的东西,所以你永远无法确定它是否做了所宣传的内容。
But what does it mean? 但是这是什么意思? Why should we avoid the input operator of the C++ when we are programming in C++? 当我们用C ++编程时,为什么要避免使用C ++的输入操作符?
The books I have read from The Definitive C++ Book Guide and List did not mention this, they introduced and used the input operator. 我从The Definitive C ++ Book Guide and List中读到的书没有提到这一点,他们介绍并使用了输入操作符。 I have not found anything useful in this topic on the internet neither. 我也没有在互联网上找到这个主题有用的东西。
Thanks! 谢谢!
ps: I am sorry, but I do not have enough reputation to ask my question in that topic. ps:很抱歉,但我没有足够的声誉在这个话题中提出我的问题。
2 个解决方案
解决方案1
3 2014-01-16 08:53:29
The only things I can think of are the fact that operator>> retains a lot of settings between uses. 我能想到的唯一事情是运营商>>在使用之间保留了很多设置。 For example: 例如:
std::ifstream fin("input.txt");
std::string str;
double num;
someOtherFunction(fin);
while (fin >> str >> num)
{
//do something
}
looks pretty innocent unless we consider: 除非我们考虑,否则看起来很无辜
void someOtherFunction(std::ifstream& fin){
fin.width(1);
fin.setf(/* some flags here */);
//...
}
I personally read the file raw and do parsing with regex but I am by no means an expert on the subject so that advice should be taken with a big grain of salt. 我个人阅读原始文件并使用正则表达式进行解析,但我绝不是该主题的专家,所以建议应该用大量的盐。
解决方案2
-3 2014-01-16 07:57:55
If the user input length is larger than the allocated buffer, this could lead to a buffer overflow. 如果用户输入长度大于分配的缓冲区,则可能导致缓冲区溢出。 Hackers may use this in order to overwrite the return address and run malicious code. 黑客可能会使用此方法来覆盖返回地址并运行恶意代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.