Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I can see many sprintf‘s used in my applications for copying a string.
I have a character array:
char myarray[10];
const char *str = "mystring";
Now if I want want to copy the string str into myarray, is is better to use:
sprintf(myarray, "%s", str);
or
strncpy(myarray, str, 8);
?
Neither should be used, at all.
sprintfis dangerous, deprecated, and superseded bysnprintf. The only way to use the oldsprintfsafely with string inputs is to either measure their length before callingsprintf, which is ugly and error-prone, or by adding a field precision specifier (e.g.%.8sor%.*swith an extra integer argument for the size limit). This is also ugly and error-prone, especially if more than one%sspecifier is involved.strncpyis also dangerous. It is not a buffer-size-limited version ofstrcpy. It’s a function for copying characters into a fixed-length, null-padded (as opposed to null-terminated) array, where the source may be either a C string or a fixed-length character array at least the size of the destination. Its intended use was for legacy unix directory tables, database entries, etc. that worked with fixed-size text fields and did not want to waste even a single byte on disk or in memory for null termination. It can be misused as a buffer-size-limitedstrcpy, but doing so is harmful for two reasons. First of all, it fails to null terminate if the whole buffer is used for string data (i.e. if the source string length is at least as long as the dest buffer). You can add the termination back yourself, but this is ugly and error-prone. And second,strncpyalways pads the full destination buffer with null bytes when the source string is shorter than the output buffer. This is simply a waste of time.So what should you use instead?
Some people like the BSD
strlcpyfunction. Semantically, it’s identical tosnprintf(dest, destsize, "%s", source)except that the return value issize_tand it does not impose an artificialINT_MAXlimit on string length. However, most popular non-BSD systems lackstrlcpy, and it’s easy to make dangerous errors writing your own, so if you want to use it, you should obtain a safe, known-working version from a trustworthy source.My preference is to simply use
snprintffor any nontrivial string construction, andstrlen+memcpyfor some trivial cases that have been measured to be performance-critical. If you get in a habit of using this idiom correctly, it becomes almost impossible to accidentally write code with string-related vulnerabilities.