you completely missed my point... I ask you to fill in the fairly vague statement "and thats why i dont use any thing based on basic" and you come back and post some random C program. That tells me nothing about why you won't use anything based on BASIC it just tells me that you enjoy mixing the C++ iostream overloaded operator paradigm with the use of printf() for output thus requiring you to include both stdio and iostream into your program. Settle on printf and scanf or cout and cin, mixing the two is just a demonstration in incompetence (although in this case it's not crucial, it just seems strange to mix the two). And yes, cout DOES support output formatting, it's somewhere in the iostream namespace, I believe.
Additionally, regarding the "new" improved program with "security fixes"...
what happens if you enter 25 characters via cin?
or for that matter, what if you were to enter 24 characters into the second number, and then have some carefully conditioned output that changes the return address by overwriting the stack frame with a new return location... and making that new location point to a NOP sled leading into malicious code, namely a call to execute the local shell. If for some reason your program was run as an administrator then that crafted input now executes a shell window that has administrator privileges!
Dear me! This is even WORSE then it was before!
(of course nobody is A: going to run it as admin or B: use it as an attack vector, but when your writing code you have to consider all the possibilities, if a tiny addition program can contain such a large security hole, well, gee whiz, bigger programs don't stand a chance! (It'll be sendmail all over again....))
lol
