Copyright © 2008-2017, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.
Date: 2004Oct22 Language: C/C++ Q. What's the best and safest way to copy strings in C/C++ ? A. BAD REASON strcpy() no bounds checking lstrcpy() ditto - Windows only lstrcpyW() ditto - Windows only (Unicode) strncpy() terminating NUL isn't guaranteed GOOD REASON strcpyn() bounds checking and terminating NUL guaranteed strlcpy() ditto - BSD and Dave only lstrcpyn() ditto - Windows only lstrcpynW() ditto - Windows only (Unicode) The Linux manual page for strcpy() says: If the destination string of a strcpy() is not large enough (that is, if the programmer was stupid/lazy, and failed to check the size before copying) then anything might happen. Overflowing fixed length strings is a favourite cracker technique. Q. What about string concatenation? A. BAD REASON strcat() no bounds checking lstrcat() ditto - Windows only lstrcatW() ditto - Windows only GOOD REASON strlcat() bounds checking and terminating NUL guaranteed - BSD and Dave only Or use std::string or CString
Add a commentSign in to add a comment