博客
关于我
C语言中函数strcpy ,strncpy ,strlcpy的用法
阅读量:670 次
发布时间:2019-03-16

本文共 2995 字,大约阅读时间需要 9 分钟。

safe string copying in C: safer strncpy vs strlcpy and more

In C programming,edeックス predecessor言下之意[a function is as important as the programmer who uses it[/Vetaのリスト]. For string manipulation,.AutoSize experts rely on functions like strcpy, strncpy, memcpy, and recently strlcpy to avoid buffer overflow issues while copying data. Among these, strlcpy sometimes be [eve

from the dinosaurs to the modern era: the journey of string copying functions

Developers have long debated which function to use for saffer and safer string copying. Back in the day, strcpy was the only option, and it was dangerous because it assumed the destination buffer had enough space and was properly terminated with a null byte /0. This assumption often led to buffer overflowattacks when dealing with untrusted user input.

the rise of strncpy: a safer alternative

Ansic standard introduced strncpy as a safer alternative. The function copies up to n bytes from the source string to the destination buffer, but it has some quirky behaviors. For example, if the source string is shorter than n, strncpy fills the destination with null bytes until the end of the n bytes. This can be useful in some cases but feels counterintuitive compared to how strcpy works.

the better choice: strlcpy

Like many open-source projects, OpenBSD developers created strlcpy to address the shortcomings of strncpy. The function ensures that the destination buffer is properly null-terminated and does not overwrite beyond the buffer's capacity. If the source string is longer than the destination buffer, the excess data is discarded, and the function returns the original length of the source string to help detect truncation.

Why Use strlcpy Instead of strncpy?

  • No Need for Manual Null Termination: With strlcPy, you simply provide the size of the destination buffer and let the function handle the rest.
  • Always Null-Terminated: The function ensures the destination buffer is properly terminated with a null byte, even if the source string is shorter than the destination.
  • Return Value for檢查: strlcpy returns the length of the source string, allowing you to detect if the copy operation was truncated.

cross-platform considErsations

While strlCpY is a great choice for Unix-like systems, it's not part of the C standard. Windows, for example, doesn't have a native strlCpY function, and the process of copying strings often involves using strncpy combined with memset to clear the remaining buffer.

when to use memcpy?

memcpy is a lower-level function that directly copies bytes without any assumptions about the source or destination data. It's useful for copying arbitrary data, including binary data that may contain null bytes. However, it requires careful buffer management to prevent overruns.

conclusion

In modern C programming, strlCpY is often the best choice for both saffer and efficient string operations. However, your choice of function depends on the specific needs of your project and the environments you're targeting.

转载地址:http://xnoqz.baihongyu.com/

你可能感兴趣的文章
mysql5.6.21重置数据库的root密码
查看>>
Mysql5.6主从复制-基于binlog
查看>>
MySQL5.6忘记root密码(win平台)
查看>>
MySQL5.6的Linux安装shell脚本之二进制安装(一)
查看>>
MySQL5.6的zip包安装教程
查看>>
mysql5.7 for windows_MySQL 5.7 for Windows 解压缩版配置安装
查看>>
Webpack 基本环境搭建
查看>>
mysql5.7 安装版 表不能输入汉字解决方案
查看>>
MySQL5.7.18主从复制搭建(一主一从)
查看>>
MySQL5.7.19-win64安装启动
查看>>
mysql5.7.19安装图解_mysql5.7.19 winx64解压缩版安装配置教程
查看>>
MySQL5.7.37windows解压版的安装使用
查看>>
mysql5.7免费下载地址
查看>>
mysql5.7命令总结
查看>>
mysql5.7安装
查看>>
mysql5.7性能调优my.ini
查看>>
MySQL5.7新增Performance Schema表
查看>>
Mysql5.7深入学习 1.MySQL 5.7 中的新增功能
查看>>
Webpack 之 basic chunk graph
查看>>
Mysql5.7版本单机版my.cnf配置文件
查看>>