博客
关于我
C语言中函数strcpy ,strncpy ,strlcpy的用法
阅读量:670 次
发布时间:2019-03-16

本文共 2995 字,大约阅读时间需要 9 分钟。

safe string copying in C: safer strncpy vs strlcpy and more

In C programming,edeックス predecessor言下之意[a function is as important as the programmer who uses it[/Vetaのリスト]. For string manipulation,.AutoSize experts rely on functions like strcpy, strncpy, memcpy, and recently strlcpy to avoid buffer overflow issues while copying data. Among these, strlcpy sometimes be [eve

from the dinosaurs to the modern era: the journey of string copying functions

Developers have long debated which function to use for saffer and safer string copying. Back in the day, strcpy was the only option, and it was dangerous because it assumed the destination buffer had enough space and was properly terminated with a null byte /0. This assumption often led to buffer overflowattacks when dealing with untrusted user input.

the rise of strncpy: a safer alternative

Ansic standard introduced strncpy as a safer alternative. The function copies up to n bytes from the source string to the destination buffer, but it has some quirky behaviors. For example, if the source string is shorter than n, strncpy fills the destination with null bytes until the end of the n bytes. This can be useful in some cases but feels counterintuitive compared to how strcpy works.

the better choice: strlcpy

Like many open-source projects, OpenBSD developers created strlcpy to address the shortcomings of strncpy. The function ensures that the destination buffer is properly null-terminated and does not overwrite beyond the buffer's capacity. If the source string is longer than the destination buffer, the excess data is discarded, and the function returns the original length of the source string to help detect truncation.

Why Use strlcpy Instead of strncpy?

  • No Need for Manual Null Termination: With strlcPy, you simply provide the size of the destination buffer and let the function handle the rest.
  • Always Null-Terminated: The function ensures the destination buffer is properly terminated with a null byte, even if the source string is shorter than the destination.
  • Return Value for檢查: strlcpy returns the length of the source string, allowing you to detect if the copy operation was truncated.

cross-platform considErsations

While strlCpY is a great choice for Unix-like systems, it's not part of the C standard. Windows, for example, doesn't have a native strlCpY function, and the process of copying strings often involves using strncpy combined with memset to clear the remaining buffer.

when to use memcpy?

memcpy is a lower-level function that directly copies bytes without any assumptions about the source or destination data. It's useful for copying arbitrary data, including binary data that may contain null bytes. However, it requires careful buffer management to prevent overruns.

conclusion

In modern C programming, strlCpY is often the best choice for both saffer and efficient string operations. However, your choice of function depends on the specific needs of your project and the environments you're targeting.

转载地址:http://xnoqz.baihongyu.com/

你可能感兴趣的文章
mysql 行转列 列转行
查看>>
Mysql 表分区
查看>>
mysql 表的操作
查看>>
mysql 视图,视图更新删除
查看>>
MySQL 触发器
查看>>
mysql 让所有IP访问数据库
查看>>
mysql 记录的增删改查
查看>>
MySQL 设置数据库的隔离级别
查看>>
MySQL 证明为什么用limit时,offset很大会影响性能
查看>>
Mysql 语句操作索引SQL语句
查看>>
MySQL 误操作后数据恢复(update,delete忘加where条件)
查看>>
MySQL 调优/优化的 101 个建议!
查看>>
mysql 转义字符用法_MySql 转义字符的使用说明
查看>>
mysql 输入密码秒退
查看>>
mysql 递归查找父节点_MySQL递归查询树状表的子节点、父节点具体实现
查看>>
mysql 通过查看mysql 配置参数、状态来优化你的mysql
查看>>
mysql 里对root及普通用户赋权及更改密码的一些命令
查看>>
Mysql 重置自增列的开始序号
查看>>
mysql 锁机制 mvcc_Mysql性能优化-事务、锁和MVCC
查看>>
MySQL 错误
查看>>