博客
关于我
C语言中函数strcpy ,strncpy ,strlcpy的用法
阅读量:670 次
发布时间:2019-03-16

本文共 2995 字,大约阅读时间需要 9 分钟。

safe string copying in C: safer strncpy vs strlcpy and more

In C programming,edeックス predecessor言下之意[a function is as important as the programmer who uses it[/Vetaのリスト]. For string manipulation,.AutoSize experts rely on functions like strcpy, strncpy, memcpy, and recently strlcpy to avoid buffer overflow issues while copying data. Among these, strlcpy sometimes be [eve

from the dinosaurs to the modern era: the journey of string copying functions

Developers have long debated which function to use for saffer and safer string copying. Back in the day, strcpy was the only option, and it was dangerous because it assumed the destination buffer had enough space and was properly terminated with a null byte /0. This assumption often led to buffer overflowattacks when dealing with untrusted user input.

the rise of strncpy: a safer alternative

Ansic standard introduced strncpy as a safer alternative. The function copies up to n bytes from the source string to the destination buffer, but it has some quirky behaviors. For example, if the source string is shorter than n, strncpy fills the destination with null bytes until the end of the n bytes. This can be useful in some cases but feels counterintuitive compared to how strcpy works.

the better choice: strlcpy

Like many open-source projects, OpenBSD developers created strlcpy to address the shortcomings of strncpy. The function ensures that the destination buffer is properly null-terminated and does not overwrite beyond the buffer's capacity. If the source string is longer than the destination buffer, the excess data is discarded, and the function returns the original length of the source string to help detect truncation.

Why Use strlcpy Instead of strncpy?

  • No Need for Manual Null Termination: With strlcPy, you simply provide the size of the destination buffer and let the function handle the rest.
  • Always Null-Terminated: The function ensures the destination buffer is properly terminated with a null byte, even if the source string is shorter than the destination.
  • Return Value for檢查: strlcpy returns the length of the source string, allowing you to detect if the copy operation was truncated.

cross-platform considErsations

While strlCpY is a great choice for Unix-like systems, it's not part of the C standard. Windows, for example, doesn't have a native strlCpY function, and the process of copying strings often involves using strncpy combined with memset to clear the remaining buffer.

when to use memcpy?

memcpy is a lower-level function that directly copies bytes without any assumptions about the source or destination data. It's useful for copying arbitrary data, including binary data that may contain null bytes. However, it requires careful buffer management to prevent overruns.

conclusion

In modern C programming, strlCpY is often the best choice for both saffer and efficient string operations. However, your choice of function depends on the specific needs of your project and the environments you're targeting.

转载地址:http://xnoqz.baihongyu.com/

你可能感兴趣的文章
mysql 如何给SQL添加索引
查看>>
mysql 字段区分大小写
查看>>
mysql 字段合并问题(group_concat)
查看>>
mysql 字段类型类型
查看>>
MySQL 字符串截取函数,字段截取,字符串截取
查看>>
MySQL 存储引擎
查看>>
mysql 存储过程 注入_mysql 视图 事务 存储过程 SQL注入
查看>>
MySQL 存储过程参数:in、out、inout
查看>>
mysql 存储过程每隔一段时间执行一次
查看>>
mysql 存在update不存在insert
查看>>
Mysql 学习总结(86)—— Mysql 的 JSON 数据类型正确使用姿势
查看>>
Mysql 学习总结(87)—— Mysql 执行计划(Explain)再总结
查看>>
Mysql 学习总结(88)—— Mysql 官方为什么不推荐用雪花 id 和 uuid 做 MySQL 主键
查看>>
Mysql 学习总结(89)—— Mysql 库表容量统计
查看>>
mysql 实现主从复制/主从同步
查看>>
mysql 审核_审核MySQL数据库上的登录
查看>>
mysql 导入 sql 文件时 ERROR 1046 (3D000) no database selected 错误的解决
查看>>
mysql 导入导出大文件
查看>>
MySQL 导出数据
查看>>
mysql 将null转代为0
查看>>