Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C Programming > strncpy and 'n'

Reply
Thread Tools

strncpy and 'n'

 
 
nroberts
Guest
Posts: n/a
 
      02-16-2012
Consider:

char const* f(char const* incoming)
{
static char buf[MAX];

strncpy(buf, incoming, strlen(incoming));
}

Is there ANY reason to use strncpy like that? I'm working on a
project that has such uses all throughout it and before I tell the
team leader that he's using a basic C function incorrectly I thought
I'd make sure I'm right.
 
Reply With Quote
 
 
 
 
Anders Wegge Keller
Guest
Posts: n/a
 
      02-16-2012
nroberts <(E-Mail Removed)> writes:

> Consider:
>
> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that?


If you want to avoid havig the '\0' copied from the incoming text,
and risk overrunning buf, there could be a point. But apart from that, no.

I would rather use strncpy like this:

strncpy (buf, incoming, MAX);
buf[MAX] = 0;

> I'm working on a project that has such uses all throughout it and
> before I tell the team leader that he's using a basic C function
> incorrectly I thought I'd make sure I'm right.


Submit some code to www.thedailywtf.com




--
/Wegge

Leder efter redundant peering af dk.*,linux.debian.*
 
Reply With Quote
 
 
 
 
Keith Thompson
Guest
Posts: n/a
 
      02-16-2012
nroberts <(E-Mail Removed)> writes:
> Consider:
>
> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that? I'm working on a
> project that has such uses all throughout it and before I tell the
> team leader that he's using a basic C function incorrectly I thought
> I'd make sure I'm right.


There's rarely *any* reason to use strncpy(). It's not a "safer"
version of strcpy(); it's a quite different function. It can leave
the target buffer without a terminating '\0' (i.e., not a string),
or it can pad it with multiple needless '\0' bytes.

For that particular call, if strlen(incoming) is 10, for example,
it will only copy 10 bytes; it will not copy the terminating '\0'.
If that's what you want (either buf doesn't need to be a string, or
some other code supplies the '\0'), then memcpy() makes more sense.

--
Keith Thompson (The_Other_Keith) http://www.velocityreviews.com/forums/(E-Mail Removed) <http://www.ghoti.net/~kst>
Will write code for food.
"We must do something. This is something. Therefore, we must do this."
-- Antony Jay and Jonathan Lynn, "Yes Minister"
 
Reply With Quote
 
lawrence.jones@siemens.com
Guest
Posts: n/a
 
      02-16-2012
nroberts <(E-Mail Removed)> wrote:
> Consider:
>
> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that?


Maybe, but almost certainly not. If the incoming string is longer than
MAX bytes, you get a buffer overflow, which is very bad. If it happens
to be exactly MAX characters long, you get an unterminated string in
buf, which is bad if the following code (you don't show any, but I
presume there is some or the function is completely pointless) expects
to treat it as a string. And if the incoming string is less than MAX
bytes, since the code doesn't copy the null byte, you get whatever is
leftover in buf tacked on to the end. (buf is initialized to all null
bytes, but since it's static, that only happens once, not on each call.)
--
Larry Jones

Oh yeah? You just wait! -- Calvin
 
Reply With Quote
 
A. K.
Guest
Posts: n/a
 
      02-16-2012
On 16.02.2012 18:57, Anders Wegge Keller wrote:
> nroberts<(E-Mail Removed)> writes:
>
>> Consider:
>>
>> char const* f(char const* incoming)
>> {
>> static char buf[MAX];
>>
>> strncpy(buf, incoming, strlen(incoming));
>> }
>>
>> Is there ANY reason to use strncpy like that?

>
> If you want to avoid havig the '\0' copied from the incoming text,
> and risk overrunning buf, there could be a point. But apart from that, no.
>
> I would rather use strncpy like this:
>
> strncpy (buf, incoming, MAX);
> buf[MAX] = 0;


buffer overflow !!! )

>
>> I'm working on a project that has such uses all throughout it and
>> before I tell the team leader that he's using a basic C function
>> incorrectly I thought I'd make sure I'm right.

>
> Submit some code to www.thedailywtf.com
>
>
>
>


 
Reply With Quote
 
Anders Wegge Keller
Guest
Posts: n/a
 
      02-16-2012
"A. K." <(E-Mail Removed)> writes:

> On 16.02.2012 18:57, Anders Wegge Keller wrote:


>> buf[MAX] = 0;


buffer overflow !!! )

If you got to have them, better decide yourself where to have them. I
pledge insanity in the act.

--
/Wegge

Leder efter redundant peering af dk.*,linux.debian.*
 
Reply With Quote
 
Markus Schaub
Guest
Posts: n/a
 
      02-16-2012
nroberts schrieb:
> Consider:
>
> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that? I'm working on a
> project that has such uses all throughout it and before I tell the
> team leader that he's using a basic C function incorrectly I thought
> I'd make sure I'm right.


He has probably heard that strcpy() is bad and that he should use
strncpy().

Markus
 
Reply With Quote
 
Malcolm McLean
Guest
Posts: n/a
 
      02-16-2012
On Feb 16, 6:01*pm, Keith Thompson <(E-Mail Removed)> wrote:
>
> There's rarely *any* reason to use strncpy(). *It's not a "safer"
> version of strcpy(); it's a quite different function. *It can leave
> the target buffer without a terminating '\0' (i.e., not a string),
> or it can pad it with multiple needless '\0' bytes.
>

It's designed for databases with fixed fields and non-nul terminated
strings. The padding zeros aren't unnecessary, because often these
databases do a quick match or lookup by applying some algorithm to the
whole field.


 
Reply With Quote
 
Ben Pfaff
Guest
Posts: n/a
 
      02-16-2012
nroberts <(E-Mail Removed)> writes:

> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that?


It looks very odd. I think it would be equivalent code if you
replaced "strncpy" by "memcpy" here.

The behavior here make sense for the first call to the function,
if strlen(incoming) < MAX, but it will be strange on subsequent
calls.
--
"The fact that there is a holy war doesn't mean that one of the sides
doesn't suck - usually both do..."
--Alexander Viro
 
Reply With Quote
 
Stephen Sprunk
Guest
Posts: n/a
 
      02-16-2012
On 16-Feb-12 11:05, nroberts wrote:
> Consider:
>
> char const* f(char const* incoming)
> {
> static char buf[MAX];
>
> strncpy(buf, incoming, strlen(incoming));
> }
>
> Is there ANY reason to use strncpy like that? I'm working on a
> project that has such uses all throughout it and before I tell the
> team leader that he's using a basic C function incorrectly I thought
> I'd make sure I'm right.


Assuming this is representative of the actual code, it's clearly wrong
because strncpy() will overflow buf if strlen(incoming)+1 is greater
than MAX. This means it is no better than strcpy(buf, incoming).

The correct way to write this would be:

char const* f(char const* incoming)
{
static char buf[MAX];

strncpy(buf, incoming, MAX);
}

Unlike the above code, this guarantees the copy will not overflow buf.

S

--
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
strncpy copying beyond max length atapi103@gmail.com C++ 4 02-01-2005 01:32 PM
the minimum size when using strncpy(...) Simon C++ 3 09-06-2004 01:03 PM
strncpy() and null terminated strings Barry C Programming 4 04-08-2004 05:25 PM
Code Review: strncpy Vijay Kumar R Zanvar C Programming 30 01-19-2004 04:39 PM
Re: bizzare strncpy() sumit.sharma@wipro.com C Programming 4 07-09-2003 01:14 PM



Advertisments