Strlcpy: Difference between revisions
imported>Nick Johnson No edit summary |
mNo edit summary |
||
(7 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
{{lowercase|title=strlcpy}}{{subpages}} | |||
In [[computer science]], and in particular the [[C programming language]] and [[Unix]]-like [[operating system|operating systems]], '''strlcpy()''' and '''strlcat()''' are two library functions intended to replace the unsafe [[strcpy|strcpy() and strcat()]] buffer manipulation functions, and the previous improvements [[strncpy|strncpy() and strncat()]] which have confusing semantics. | In [[computer science]], and in particular the [[C programming language]] and [[Unix]]-like [[operating system|operating systems]], '''strlcpy()''' and '''strlcat()''' are two library functions intended to replace the unsafe [[strcpy|strcpy() and strcat()]] buffer manipulation functions, and the previous improvements [[strncpy|strncpy() and strncat()]] which have confusing semantics. | ||
Line 5: | Line 5: | ||
The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not [[buffer overflow|overflow]]. The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow. It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions. | The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not [[buffer overflow|overflow]]. The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow. It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions. | ||
These replacements were introduced by Todd Miller of the [[University of Colorado, Boulder]] and Theo de Raadt of the [[OpenBSD]] Project, and first implemented in the OpenBSD operating system<ref name="Foo"> | These replacements were introduced by Todd Miller of the [[University of Colorado, Boulder]] and Theo de Raadt of the [[OpenBSD]] Project, and first implemented in the OpenBSD operating system<ref name="Foo">Todd Miller, Theo de Raadt, [http://openbsd.org/papers/strlcpy-paper.ps "strlcpy, strlcat -- consistent, safe, string copy and concatenation"]</ref>. Since then, these functions have been implemented in the standard libraries of many other Unix-like oeprating systems. | ||
The [[C function prototype|prototypes]] for these functions are, as follows: | The [[C function prototype|prototypes]] for these functions are, as follows: | ||
Line 17: | Line 17: | ||
# strlcpy() and strlcat() guarantee that the destination string will be [[null terminated string|NULL terminated]]. strncpy() does not guarantee this for certain boundary cases. | # strlcpy() and strlcat() guarantee that the destination string will be [[null terminated string|NULL terminated]]. strncpy() does not guarantee this for certain boundary cases. | ||
# The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer. For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL. For strncat(), it is the size of the destination buffer, less 1 to | # The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer. For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL. For strncat(), it is the size of the destination buffer, less 1 to accommodate a NULL, less the size of the characters already in the destination buffer. | ||
# strncat() will zero-fill the destination before copying, which can be inefficient. | # strncat() will zero-fill the destination before copying, which can be inefficient. | ||
# Both functions return the total size of the resulting string, even after string truncation has | # Both functions return the total size of the resulting string, even after string truncation has occurred. This allows the programmer to check for truncation. | ||
==References== | ==References== | ||
<references/> | <references/>[[Category:Suggestion Bot Tag]] | ||
[[Category: | |||
Latest revision as of 16:01, 22 October 2024
In computer science, and in particular the C programming language and Unix-like operating systems, strlcpy() and strlcat() are two library functions intended to replace the unsafe strcpy() and strcat() buffer manipulation functions, and the previous improvements strncpy() and strncat() which have confusing semantics.
The purpose of strlcpy() is to copy a string from a source buffer to a destination buffer, while assuring that the destination buffer does not overflow. The purpose of strlcat() is to perform string concatenation on two buffers, storing the result into the destination buffer, while assuring that the destination buffer does not overflow. It should be noted that the overflow protection is still in the hands of the programmer; he or she must still correctly provide the size of the destination buffers to these functions.
These replacements were introduced by Todd Miller of the University of Colorado, Boulder and Theo de Raadt of the OpenBSD Project, and first implemented in the OpenBSD operating system[1]. Since then, these functions have been implemented in the standard libraries of many other Unix-like oeprating systems.
The prototypes for these functions are, as follows:
size_t strlcpy(char *destination, const char *source, size_t size);
size_t strlcat(char *destination, const char *source, size_t size);
Although their prototypes seem identical to those of strncpy() and strncat(), there are a few important differences:
- strlcpy() and strlcat() guarantee that the destination string will be NULL terminated. strncpy() does not guarantee this for certain boundary cases.
- The size parameter passed to strlcpy() and strlcat() are the actual size of the destination buffer. For strncpy(), it should be the size of the destination buffer, less 1 to accommodate a NULL. For strncat(), it is the size of the destination buffer, less 1 to accommodate a NULL, less the size of the characters already in the destination buffer.
- strncat() will zero-fill the destination before copying, which can be inefficient.
- Both functions return the total size of the resulting string, even after string truncation has occurred. This allows the programmer to check for truncation.
References
- ↑ Todd Miller, Theo de Raadt, "strlcpy, strlcat -- consistent, safe, string copy and concatenation"