Home/ Questions/Q 7508845
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T22:45:11+00:00

strtrns has the following descriptions: desc-1 , desc-2 The strtrns() function transforms string and

  • 0

strtrns has the following descriptions: desc-1, desc-2

The strtrns() function transforms string and copies it into
result.
Any character that appears in old is replaced with the character in
the same position in new. The new result is returned. ………

This function is a security risk because it is possible to overflow
the newString buffer. If the currentString buffer is larger than the
newString buffer, then an overflow will occur.

And this is its prototype( or “signature”? “:

char * strtrns(const char *string, const char *old, const char *new, char *result);

I’ve been googling to no avail. I appreciate any tips or advice.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I think you can write your own safe one pretty quickly.

    It won’t be a direct replacement, as the signature is slightly different, and it will allocate memory that the caller must free, but it can serve mostly the same job.

    (I’m also changing the parameter name new, which is a reserved word in C++, and the parameter string which is a very common type in C++.
    These changes makes the function compatible with C++ code as well)

    char* alloc_strtrns(const char *srcstr, const char *oldtxt, const char *newtxt)
{
    if (strlen(oldtxt) != strlen(newtxt))
    {
        return NULL;    /* Old and New lengths MUST match */
    }

    char* result = strdup(srcstr);    /* TODO: check for NULL */
    /* Caller is responsible for freeing! */

    return strtrns(srcstr, oldtxt, newtxt, result);
}
    • 0