博客
关于我
C语言中函数strcpy ,strncpy ,strlcpy的用法
阅读量:670 次
发布时间:2019-03-16

本文共 2995 字,大约阅读时间需要 9 分钟。

safe string copying in C: safer strncpy vs strlcpy and more

In C programming,edeックス predecessor言下之意[a function is as important as the programmer who uses it[/Vetaのリスト]. For string manipulation,.AutoSize experts rely on functions like strcpy, strncpy, memcpy, and recently strlcpy to avoid buffer overflow issues while copying data. Among these, strlcpy sometimes be [eve

from the dinosaurs to the modern era: the journey of string copying functions

Developers have long debated which function to use for saffer and safer string copying. Back in the day, strcpy was the only option, and it was dangerous because it assumed the destination buffer had enough space and was properly terminated with a null byte /0. This assumption often led to buffer overflowattacks when dealing with untrusted user input.

the rise of strncpy: a safer alternative

Ansic standard introduced strncpy as a safer alternative. The function copies up to n bytes from the source string to the destination buffer, but it has some quirky behaviors. For example, if the source string is shorter than n, strncpy fills the destination with null bytes until the end of the n bytes. This can be useful in some cases but feels counterintuitive compared to how strcpy works.

the better choice: strlcpy

Like many open-source projects, OpenBSD developers created strlcpy to address the shortcomings of strncpy. The function ensures that the destination buffer is properly null-terminated and does not overwrite beyond the buffer's capacity. If the source string is longer than the destination buffer, the excess data is discarded, and the function returns the original length of the source string to help detect truncation.

Why Use strlcpy Instead of strncpy?

  • No Need for Manual Null Termination: With strlcPy, you simply provide the size of the destination buffer and let the function handle the rest.
  • Always Null-Terminated: The function ensures the destination buffer is properly terminated with a null byte, even if the source string is shorter than the destination.
  • Return Value for檢查: strlcpy returns the length of the source string, allowing you to detect if the copy operation was truncated.

cross-platform considErsations

While strlCpY is a great choice for Unix-like systems, it's not part of the C standard. Windows, for example, doesn't have a native strlCpY function, and the process of copying strings often involves using strncpy combined with memset to clear the remaining buffer.

when to use memcpy?

memcpy is a lower-level function that directly copies bytes without any assumptions about the source or destination data. It's useful for copying arbitrary data, including binary data that may contain null bytes. However, it requires careful buffer management to prevent overruns.

conclusion

In modern C programming, strlCpY is often the best choice for both saffer and efficient string operations. However, your choice of function depends on the specific needs of your project and the environments you're targeting.

转载地址:http://xnoqz.baihongyu.com/

你可能感兴趣的文章
mysql基本操作
查看>>
mysql基础
查看>>
mysql基础---mysql查询机制
查看>>
MySQL基础5
查看>>
MySQL基础day07_mysql集群实例-MySQL 5.6
查看>>
Mysql基础命令 —— 数据库、数据表操作
查看>>
Mysql基础命令 —— 系统操作命令
查看>>
MySQL基础学习总结
查看>>
mysql基础教程三 —常见函数
查看>>
mysql基础教程二
查看>>
mysql基础教程四 --连接查询
查看>>
MySQL基础知识:创建MySQL数据库和表
查看>>
MySQL基础系列—SQL分类之一
查看>>
MySQL处理千万级数据分页查询的优化方案
查看>>
mysql备份
查看>>
mysql备份与恢复
查看>>
mysql备份工具xtrabackup
查看>>
mysql备份恢复出错_尝试备份/恢复mysql数据库时出错
查看>>
mysql复制内容到一张新表
查看>>
mysql复制表结构和数据
查看>>