1STRCPY(3) Linux Programmer's Manual STRCPY(3)
2
6 strcpy, strncpy - copy a string
7
9 #include <string.h>
10 char *strcpy(char *dest, const char *src);
12 char *strncpy(char *dest, const char *src, size_t n);
14
16 The strcpy() function copies the string pointed to by src, including
17 the terminating null byte ('\0'), to the buffer pointed to by dest.
18 The strings may not overlap, and the destination string dest must be
19 large enough to receive the copy. Beware of buffer overruns! (See
20 BUGS.)
21 The strncpy() function is similar, except that at most n bytes of src
23 are copied. Warning: If there is no null byte among the first n bytes
24 of src, the string placed in dest will not be null-terminated.
25 If the length of src is less than n, strncpy() writes additional null
27 bytes to dest to ensure that a total of n bytes are written.
28 A simple implementation of strncpy() might be:
30 char *
32 strncpy(char *dest, const char *src, size_t n)
33 {
34 size_t i;
35 for (i = 0; i < n && src[i] != '\0'; i++)
37 dest[i] = src[i];
38 for ( ; i < n; i++)
39 dest[i] = '\0';
40 return dest;
42 }
43
45 The strcpy() and strncpy() functions return a pointer to the destina‐
46 tion string dest.
47
49 SVr4, 4.3BSD, C89, C99.
50
52 Some programmers consider strncpy() to be inefficient and error prone.
53 If the programmer knows (i.e., includes code to test!) that the size
54 of dest is greater than the length of src, then strcpy() can be used.
55 One valid (and intended) use of strncpy() is to copy a C string to a
57 fixed-length buffer while ensuring both that the buffer is not over‐
58 flowed and that unused bytes in the target buffer are zeroed out (per‐
59 haps to prevent information leaks if the buffer is to be written to
60 media or transmitted to another process via an interprocess communica‐
61 tion technique).
62 If there is no terminating null byte in the first n bytes of src,
64 strncpy() produces an unterminated string in dest. You can force ter‐
65 mination using something like the following:
66 strncpy(buf, str, n);
68 if (n > 0)
69 buf[n - 1]= '\0';
70 (Of course, the above technique ignores the fact that information con‐
72 tained in src is lost in the copying to dest.)
73 Some systems (the BSDs, Solaris, and others) provide the following
75 function:
76 size_t strlcpy(char *dest, const char *src, size_t size);
78 This function is similar to strncpy(), but it copies at most size-1
80 bytes to dest, always adds a terminating null byte, and does not pad
81 the target with (further) null bytes. This function fixes some of the
82 problems of strcpy() and strncpy(), but the caller must still handle
83 the possibility of data loss if size is too small. The return value of
84 the function is the length of src, which allows truncation to be easily
85 detected: if the return value is greater than or equal to size, trunca‐
86 tion occurred. If loss of data matters, the caller must either check
87 the arguments before the call, or test the function return value.
88 strlcpy() is not present in glibc and is not standardized by POSIX, but
89 is available on Linux via the libbsd library.
90
92 If the destination string of a strcpy() is not large enough, then any‐
93 thing might happen. Overflowing fixed-length string buffers is a
94 favorite cracker technique for taking complete control of the machine.
95 Any time a program reads or copies data into a buffer, the program
96 first needs to check that there's enough space. This may be unneces‐
97 sary if you can show that overflow is impossible, but be careful: pro‐
98 grams can get changed over time, in ways that may make the impossible
99 possible.
100
102 bcopy(3), memccpy(3), memcpy(3), memmove(3), stpcpy(3), stpncpy(3),
103 strdup(3), string(3), wcscpy(3), wcsncpy(3)
104
106 This page is part of release 3.53 of the Linux man-pages project. A
107 description of the project, and information about reporting bugs, can
108 be found at http://www.kernel.org/doc/man-pages/.
109GNU 2012-07-19 STRCPY(3)