Programming Tips - What's the best and safest way to copy strings in C/C++ ?

Date: 2004Oct22 Language: C/C++ Q. What's the best and safest way to copy strings in C/C++ ? A. BAD REASON strcpy() no bounds checking lstrcpy() ditto - Windows only lstrcpyW() ditto - Windows only (Unicode) strncpy() terminating NUL isn't guaranteed GOOD REASON strcpyn() bounds checking and terminating NUL guaranteed strlcpy() ditto - BSD and Dave only lstrcpyn() ditto - Windows only lstrcpynW() ditto - Windows only (Unicode) The Linux manual page for strcpy() says: If the destination string of a strcpy() is not large enough (that is, if the programmer was stupid/lazy, and failed to check the size before copying) then anything might happen. Overflowing fixed length strings is a favourite cracker technique. Q. What about string concatenation? A. BAD REASON strcat() no bounds checking lstrcat() ditto - Windows only lstrcatW() ditto - Windows only GOOD REASON strlcat() bounds checking and terminating NUL guaranteed - BSD and Dave only Or use std::string or CString