博客
关于我
C语言中函数strcpy ,strncpy ,strlcpy的用法
阅读量:670 次
发布时间:2019-03-16

本文共 2995 字,大约阅读时间需要 9 分钟。

safe string copying in C: safer strncpy vs strlcpy and more

In C programming,edeックス predecessor言下之意[a function is as important as the programmer who uses it[/Vetaのリスト]. For string manipulation,.AutoSize experts rely on functions like strcpy, strncpy, memcpy, and recently strlcpy to avoid buffer overflow issues while copying data. Among these, strlcpy sometimes be [eve

from the dinosaurs to the modern era: the journey of string copying functions

Developers have long debated which function to use for saffer and safer string copying. Back in the day, strcpy was the only option, and it was dangerous because it assumed the destination buffer had enough space and was properly terminated with a null byte /0. This assumption often led to buffer overflowattacks when dealing with untrusted user input.

the rise of strncpy: a safer alternative

Ansic standard introduced strncpy as a safer alternative. The function copies up to n bytes from the source string to the destination buffer, but it has some quirky behaviors. For example, if the source string is shorter than n, strncpy fills the destination with null bytes until the end of the n bytes. This can be useful in some cases but feels counterintuitive compared to how strcpy works.

the better choice: strlcpy

Like many open-source projects, OpenBSD developers created strlcpy to address the shortcomings of strncpy. The function ensures that the destination buffer is properly null-terminated and does not overwrite beyond the buffer's capacity. If the source string is longer than the destination buffer, the excess data is discarded, and the function returns the original length of the source string to help detect truncation.

Why Use strlcpy Instead of strncpy?

  • No Need for Manual Null Termination: With strlcPy, you simply provide the size of the destination buffer and let the function handle the rest.
  • Always Null-Terminated: The function ensures the destination buffer is properly terminated with a null byte, even if the source string is shorter than the destination.
  • Return Value for檢查: strlcpy returns the length of the source string, allowing you to detect if the copy operation was truncated.

cross-platform considErsations

While strlCpY is a great choice for Unix-like systems, it's not part of the C standard. Windows, for example, doesn't have a native strlCpY function, and the process of copying strings often involves using strncpy combined with memset to clear the remaining buffer.

when to use memcpy?

memcpy is a lower-level function that directly copies bytes without any assumptions about the source or destination data. It's useful for copying arbitrary data, including binary data that may contain null bytes. However, it requires careful buffer management to prevent overruns.

conclusion

In modern C programming, strlCpY is often the best choice for both saffer and efficient string operations. However, your choice of function depends on the specific needs of your project and the environments you're targeting.

转载地址:http://xnoqz.baihongyu.com/

你可能感兴趣的文章
MySQL 添加列,修改列,删除列
查看>>
mysql 添加索引
查看>>
MySQL 添加索引,删除索引及其用法
查看>>
mysql 状态检查,备份,修复
查看>>
MySQL 用 limit 为什么会影响性能?
查看>>
MySQL 用 limit 为什么会影响性能?有什么优化方案?
查看>>
MySQL 用户权限管理:授权、撤销、密码更新和用户删除(图文解析)
查看>>
mysql 用户管理和权限设置
查看>>
MySQL 的 varchar 水真的太深了!
查看>>
mysql 的GROUP_CONCAT函数的使用(group_by 如何显示分组之前的数据)
查看>>
MySQL 的instr函数
查看>>
MySQL 的mysql_secure_installation安全脚本执行过程介绍
查看>>
MySQL 的Rename Table语句
查看>>
MySQL 的全局锁、表锁和行锁
查看>>
mysql 的存储引擎介绍
查看>>
MySQL 的存储引擎有哪些?为什么常用InnoDB?
查看>>
Mysql 知识回顾总结-索引
查看>>
Mysql 笔记
查看>>
MySQL 精选 60 道面试题(含答案)
查看>>
mysql 索引
查看>>