Pascal Damian said:I read somewhere that strcpy() is safer when dealing with malloc()-ed
strings. Is that true?
(Of course I know that both are unsafe).
I read somewhere that strcpy() is safer when dealing with malloc()-ed
strings. Is that true?
(Of course I know that both are unsafe).
Of course,
you can use strcpy() instead of strcat() if you want (and don't mind
the time needed for an additional function call to find the end of
the first string) but there is no additional inherent safety in using
one or the other.
Regards, Jens
Mik Mifflin said:And strcat doesn't need to find the end of the first string?
I only use strcpy when I've just allocated enough space for the string, or I
keep a close eye on the buffer sizes and I know it's not going to overflow.
In all other places, I use strncpy and strncat.
Richard said:Yes, but it may be able to do so more efficiently. For one thing,
strlen() followed by strcpy() is two function calls, strcat() only one.
No guarantees, of course (the Standard doesn't guarantee _anything_
where efficiency is concerned), but I know where I'd put my money.
Don't use strncpy() unless you know exactly why it is usually
inadvisable to use strncpy(). Use *dest='\0'; strncat(); instead.
Leor Zolman said:that a strcpy operation will not overflow the buffer: presumably you know
the length of your destination buffer, so all you have to do is check the
length of the source string. With strcat, on the other hand, you have to
test the length of the existing string in the buffer, add the length of the
string to be appended, and make sure the total resulting length is going to
fit into your available space."
But that would actually be rubbish...I've probably had more overruns with
functions like strcpy than with strcat. Why? Because I've been more
/careful/ while using strcat... ;-)
p = (char *)getenv("LD_LIBRARY_PATH");
Pascal Damian said:Here's exactly where I read it, from a post at comp.lang.ruby:
======================== start quote ============================
Use strcpy instead of strcat here, content of malloc'ed area is
not guaranteed.
======================== end quote ============================
Now what does the poster mean by "content of malloc'ed area is not
guaranteed"?
Here's exactly where I read it, from a post at comp.lang.ruby:
======================== start quote ============================
Use strcpy instead of strcat here, content of malloc'ed area is
not guaranteed.
======================== end quote ============================
URL: http://groups.google.com/[email protected]
URL: http://tinyurl.com/393yz
Now what does the poster mean by "content of malloc'ed area is not
guaranteed"?
strcat() appends to a '\0'-terminated string (first searching for
that value to figure out where to write to), but the malloc()-ed
memory isn't initialized. While there may be a `\0' somewhere in
that memory just by chance, there's no guarantee that the first
char of the memory is '\0'. But that would be the requirement if
you want to use strcat() instead of strcpy(). So the author of
that article is just pointing out a bug in the logic of the code
- most likely the string "LD_LIBRARY_PATH=" is going to be written
to some random location in memory, possibly outside the malloc()-ed
area. If you insist on using strcat() in this case you would need
set the first char in the memory to '\0' first (or use calloc() to
obtain the memory).
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.