Home/ Questions/Q 8468995
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T16:06:09+00:00

I have 3 questions regarding the following function. I marked them as comments in

  • 0

I have 3 questions regarding the following function. I marked them as comments in code.

  1. Why do we copy char item pointed by dest (malloced memory) to dPtr, and then in the end (after processing the input string) return dest. Wouldn’t it be simpler to operate on dest.

  2. This function basically reverses the word only if it has dashes inside. Does the marked command *subword = '\0'; put a NUL character at the place of previously incremented place (in strncpy) – subword+1 or in the subword?

  3. Is this function prone to some buffer overflows or other undesired behaviour? Now it doesn’t give me any errors, but I think I just don’t know how to debug it.

len is strlen(word)

char* function(char* word, int len)
{
    char* subword = NULL;
    char* dest;
    char* dPtr;
    size_t n;

    dest = malloc(len+1);
    if (dest == NULL) return NULL;

    dPtr = dest;               /* [1] */

    while((subword = strrchr(word, '-'))!= NULL) {

        n = len - (subword-word) - (dPtr-dest);
        if (n-1 > 0)
            strncpy(dPtr, subword+1, n-1);

        *subword = '\0';      /* [2] */
        dPtr += n-1;
        *dPtr = '-';
        dPtr++;
    }
    strncpy(dPtr, word, len - (dPtr-dest));
    dest[len] = '\0';
    return dest;              /* [1] */
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    1. dPtr is being used to move through the string and modify it. dest is being kept as the beginning of that modified string, eventually the return value of the function. At the end of each loop iteration, dPtr will point to the end of the modified string, and used for each successive strncpy. Ultimately the function returns a modified string, and dest is needed to keep track of it’s beginning.

    2. subword is being null terminated presumably so that only characters in subword will be copied into the result in the strncpy within the loop, but this actually isn’t necessary with the use of strncpy. The function moves backwards through the string looking for dashes. For each hit, subword is the next dash-delimited substring. The substring is a piece of memory inside the original string, which isn’t null-terminated. If you were using strcpy then you’d need null-termination of subword, but since you’re using strncpy the null-terminators shouldn’t be necessary: just be careful with your n values as the strncpy limit. This code null-terminates subword in place, i.e. by sticking null characters inside the original string argument. Which leads to #3:

    3. As for undesired behavior, the function does it’s work by modifying the original string argument – it’s putting those null terminators for subword into the source string – even though it’s keeping it’s own buffer for the modified and returned string.

    Finally, the code could do without dPtr by using strncat operations rather than strncpy.

    • 0