Strlcpy: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Nick Johnson
No edit summary
mNo edit summary
 
(5 intermediate revisions by 5 users not shown)
Line 1: Line 1:
''The correct title for this entry is '''strlcpy'''. The first letter has been capitalized because of technical limitations of the MediaWiki system.''
{{lowercase|title=strlcpy}}{{subpages}}


In [[computer science]], and in particular the [[C (programming language)|C programming language]] and [[Unix]]-like [[operating system|operating systems]], '''strlcpy()''' and '''strlcat()''' are two library functions intended to replace the unsafe [[strcpy|strcpy() and strcat()]] buffer manipulation functions, and the previous improvements [[strncpy|strncpy() and strncat()]] which have confusing semantics.   
In [[computer science]], and in particular the [[C programming language]] and [[Unix]]-like [[operating system|operating systems]], '''strlcpy()''' and '''strlcat()''' are two library functions intended to replace the unsafe [[strcpy|strcpy() and strcat()]] buffer manipulation functions, and the previous improvements [[strncpy|strncpy() and strncat()]] which have confusing semantics.   


The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not [[buffer overflow|overflow]].  The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow.  It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions.
The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not [[buffer overflow|overflow]].  The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow.  It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions.
Line 17: Line 17:


# strlcpy() and strlcat() guarantee that the destination string will be [[null terminated string|NULL terminated]].  strncpy() does not guarantee this for certain boundary cases.
# strlcpy() and strlcat() guarantee that the destination string will be [[null terminated string|NULL terminated]].  strncpy() does not guarantee this for certain boundary cases.
# The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer.  For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL.  For strncat(), it is the size of the destination buffer, less 1 to accomodate a NULL, less the size of the characters already in the destination buffer.
# The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer.  For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL.  For strncat(), it is the size of the destination buffer, less 1 to accommodate a NULL, less the size of the characters already in the destination buffer.
# strncat() will zero-fill the destination before copying, which can be inefficient.
# strncat() will zero-fill the destination before copying, which can be inefficient.
# Both functions return the total size of the resulting string, even after string truncation has occured.  This allows the programmer to check for truncation.
# Both functions return the total size of the resulting string, even after string truncation has occurred.  This allows the programmer to check for truncation.




==References==
==References==
<references/>
<references/>[[Category:Suggestion Bot Tag]]
 
 
 
[[Category:CZ Live]]
[[Category:Computers Workgroup]]

Latest revision as of 16:01, 22 October 2024

This article is a stub and thus not approved.
Main Article
Discussion
Definition [?]
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

In computer science, and in particular the C programming language and Unix-like operating systems, strlcpy() and strlcat() are two library functions intended to replace the unsafe strcpy() and strcat() buffer manipulation functions, and the previous improvements strncpy() and strncat() which have confusing semantics.

The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not overflow. The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow. It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions.

These replacements were introduced by Todd Miller of the University of Colorado, Boulder and Theo de Raadt of the OpenBSD Project, and first implemented in the OpenBSD operating system[1]. Since then, these functions have been implemented in the standard libraries of many other Unix-like oeprating systems.

The prototypes for these functions are, as follows:

size_t strlcpy(char *destination, const char *source, size_t size);
size_t strlcat(char *destination, const char *source, size_t size);

Although their prototypes seem identical to those of strncpy() and strncat(), there are a few important differences:

  1. strlcpy() and strlcat() guarantee that the destination string will be NULL terminated. strncpy() does not guarantee this for certain boundary cases.
  2. The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer. For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL. For strncat(), it is the size of the destination buffer, less 1 to accommodate a NULL, less the size of the characters already in the destination buffer.
  3. strncat() will zero-fill the destination before copying, which can be inefficient.
  4. Both functions return the total size of the resulting string, even after string truncation has occurred. This allows the programmer to check for truncation.


References