if one complains about gets(), why not do the same with scanf(“%s”,…)?

Question

From man gets:

Never use gets(). Because it is impossible to tell without knowing the data in advance how many characters ge

Answer 1

It may be simply that scanf will allocate space on the heap based on how much data is read in. Since it doesn't allocate the buffer and then read until the null character is read, it doesn't risk overwriting the buffer. Instead, it reads into its own buffer until the null character is found, and presumably copies that buffer into another of the correct size at the end of the read.