Is gets() really “dangerous”?
gets() is dangerous because it does no bounds checking. That means you can easily type in millions of characters, overflowing your storage buffer and overwriting parts of the program. This exploit has been used for years by the Bad Guys to write worms and viruses, hence the warning. When you’re ready to write programs for others to use, do not use gets()! For learning, however, it’s okay. (I may get in trouble for saying that gets() is “okay for learning,” but my opinion is that it’s easier to deal with gets() than to fumble over a workaround that causes the student to stumble in the learning process.