On Dec 22, 2006, at 24:25, Spitfire wrote:

> I'm a newbie in Ruby. And, after a first couple of tutorials, I came
> across the function 'gets'. Being similar to the function in C, I was
> wondering if this would expose programs written in Ruby to buffer
> overflow vulnerabilities?

Ruby's gets is similar to C's gets only if you squint really hard.

Likely the biggest problem you'll come across with gets in ruby is a stream of bytes with no newline.

> Or am I overlooking something here that would invalidate such an
> argument? I mean, does the 'gets' in ruby perform bounds checking?

All strings in ruby are bounds-checked.

-- 
Eric Hodel - drbrain / segment7.net - http://blog.segment7.net

I LIT YOUR GEM ON FIRE!
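
Added example, not part of the original message: the newline-free stream mentioned in the reply makes a plain `gets` keep growing its string until memory runs out, and the optional byte limit that `gets` accepts on Ruby 1.9 or later bounds that. `bounded_gets`, `LineTooLong` and `MAX_LINE` are hypothetical names, and the sample streams are constructed.

```ruby
require "stringio"

MAX_LINE = 4096 # assumed cap in bytes; choose one that fits the protocol

class LineTooLong < StandardError; end

# Read one line from io while buffering at most max_bytes + 1 bytes.
# Returns the line without its terminator, or nil at end of stream.
def bounded_gets(io, max_bytes = MAX_LINE)
  # gets(sep, limit) stops at the separator or after `limit` bytes,
  # whichever comes first, so a newline-free stream cannot grow the string.
  chunk = io.gets("\n", max_bytes + 1)
  return nil if chunk.nil?                      # end of stream
  return chunk.chomp if chunk.end_with?("\n")   # complete line within the cap
  raise LineTooLong, "no newline within #{max_bytes} bytes" if chunk.bytesize > max_bytes
  chunk                                         # short unterminated last line
end

# Constructed sample streams (not taken from the thread).
def demo
  normal  = StringIO.new("hello\nworld")
  hostile = StringIO.new("A" * 1_000_000)       # one megabyte, no newline
  lines = [bounded_gets(normal), bounded_gets(normal), bounded_gets(normal)]
  rejected = begin
    bounded_gets(hostile)
    false
  rescue LineTooLong
    true
  end
  # consumed shows how much of the hostile stream was read before rejection
  { lines: lines, rejected: rejected, consumed: hostile.pos }
end

p demo if __FILE__ == $PROGRAM_NAME
```

After a `LineTooLong` the stream is left mid-line, so a network caller would normally close the connection rather than try to resynchronise.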