I read somewhere that strcpy() is safer when dealing with malloc()-ed
strings. Is that true?
(Of course I know that both are unsafe).
I've not read anything to that effect, but I can easily imagine someone,
somewhere having at some point said something like:
"strcpy is safer than strcat because it is easier to check programmatically
that a strcpy operation will not overflow the buffer: presumably you know
the length of your destination buffer, so all you have to do is check the
length of the source string. With strcat, on the other hand, you have to
test the length of the existing string in the buffer, add the length of the
string to be appended, and make sure the total resulting length is going to
fit into your available space."
But that would actually be rubbish...I've probably had more overruns with
functions like strcpy than with strcat. Why? Because I've been more
/careful/ while using strcat... ;-)
-leor
Leor Zolman
BD Software
(e-mail address removed)
www.bdsoft.com -- On-Site Training in C/C++, Java, Perl & Unix
C++ users: Download BD Software's free STL Error Message
Decryptor at
www.bdsoft.com/tools/stlfilt.html