Why should the system() function be avoided in C and C++?
There are multiple problems here:
- First of all,
system()
as a function is cross-platform and available not just on Windows or Linux. However, the actual programs being called might be platform dependant. For example, you can usesystem()
to create a directory:system("md Temp")
. This will only work on Windows, as Linux doesn't know a command calledmd
. For Linux it would have to besystem("mkdir Temp")
. This goes on, so you'd need a custom solution for each and every platform. - This will always spawn a child process that's then executing something. This will in general be slower than some inlined code, e.g. the command or program has to be loaded, has load it's own dependencies, then it has to be executed etc. which is usually a lot more work.
If you're just doing some quick testing on one platform, using system()
is perfectly fine, but you shouldn't use it in production environments, unless you really have to. For example, you could allow the user to set an external program that is then executed. For something like this system()
is perfectly fine.
Does the system() function belong to C or C++?
Both c and cpp support the function system as they have support for the stdlib.h that contains the prototype of system() function.
Is system() call in C program safe?
System() is vulnerable as the command used can be replaced. To avoid it we can use library functions like fork execl, execv, execle, execve, execlp, execvp
.
Why doesn't the system() function work?
Probably because system()
starts a new instance of cmd.exe
, which runs your command and then exits. Thus, it doesn't hold state between invocations, unlike when you run a single instance and give it multiple commands interactively.
One way of working around this is hinted at by cmd.exe
's help text:
Note that multiple commands separated by the command separator
'&&'
are accepted for string if surrounded by quotes.
So, you should be able to run a command like "d: && chdir"
to do both operations in a single invocation of cmd.exe
.
Is it bad practice to use the system() function when library functions could be used instead? Why?
Unless you are writing code for only one OS, there is no way of knowing if your system call will even work. What happens when there is a system update or an OS upgrade?
Never use a system call if there is a library to do the same function.
How system function in C works
this is basis of fork
/*previous code*/
if((cpid=fork())<0){
printf("\n\tFORK ERROR");
exit(1);
}
if(cpid==0){ /*SON*/
/*CODE FOR SON-your `execl("./infinite",0);` goes here*/
}else{ /*FATHER*/
/*CODE FOR FATHER-your `printf("In controller End\n\n");` */
}
dont forget that when making a fork memory and variables are copied to the SON pid
System function is not working in C when the command contains ..
system
does not run your normal shell. It instead always runs /bin/sh
. From system
(3):
DESCRIPTION
The
system
() library function usesfork
(2) to create a child process
that executes the shell command specified in command usingexecl
(3)
as follows:execl("/bin/sh", "sh", "-c", command, (char *) NULL);
system()
returns after the command has been completed.
Usually /bin/sh
is a shell that does not understand {1000..60000}
. To run bash or zsh you need to do something like
system("/bin/bash -c 'getent passwd {1000..60000}'");
Related Topics
Constants and Compiler Optimization in C++
Catch Exception by Pointer in C++
How to Check Whether Operator== Exists
Why Is the Template Argument Deduction Not Working Here
On Which Platforms Does Integer Divide by Zero Trigger a Floating Point Exception
Registering a Cpp Dll into Com After Installation Using Wix Msi Installer
C++ Code File Extension? Difference Between .Cc and .Cpp
When Vectors Are Allocated, Do They Use Memory on the Heap or the Stack
Are "Anonymous Structs" Standard? And, Really, What *Are* They
Win32 API to Enumerate Dll Export Functions
What's the Best Way to Iterate Over Two or More Containers Simultaneously
Why Does Integer Overflow on X86 With Gcc Cause an Infinite Loop
Std::Endl Is of Unknown Type When Overloading Operator≪≪