C program error : this program uses gets(), which is unsafe

gets can be used to read user input string in C. But if you are using gets, you will get this warning message :

this program uses gets(), which is unsafe

Reason :

gets() is used to read user content and put that content in an character array :

#include <stdio.h>

int main()
{
    char strArr[5];

    printf("Enter a string : ");
    gets(strArr);

    return 0;
}

It can read upto 5 character at max. But, we are not informing gets() about that. It will read all the characters that it will find. 5 or more than 5, it doesn’t care and that cause cause serious security issues.

Solution :

Use fgets. We can inform it how many max characters to read :

#include <stdio.h>

int main()
{
    char strArr[5];

    printf("Enter a string : ");
    fgets(strArr, 5, stdin);

    return 0;
}