I have a question about the use of scanf_s vs. scanf. I'm writing C code using microsoft visual C++ and when I try to use scanf (or fscanf etc...) I get a warning which suggests using scanf_s, but I have never seen scanf_s in any of my books or in the c language refs I have seen online. So my question is, is scanf_s portable, ie is it part of the ANSI standard? Will other compilers recognize it? Also, any opinion as to which is better to use, scanf_s vs scanf? Thanks for any info you can give.
Any format string of the form "%s" is dangerous because it doesn't prevent buffer overflow (a security concern). For all such functions MS introduced 'secure' versions, like scanf_s().
But plain-old scanf() is the ANSI standard, and it is not deprecated by anyone but MS.
Just make sure there is always a number between % and s in your format strings.
There are several ways you can fix things.
1. #define _CRT_SECURE_NO_DEPRECATE before you include any headers and just use the ANSI scanf().
2. Use a little preprocessor magic for non-VC++ compilers: