函数strncpy VS的sprintf [英] strncpy vs sprintf

问题描述

我可以看到在我的应用中使用的许多的sprintf 的复制的字符串。

我有字符数组

 字符myArray的[10];
为const char *海峡=myString的;
 

现在，如果我想希望字符串str复制到myarray中！
为更好的使用方法：

 的sprintf（myarray中，％S，STR）;
 

或

 函数strncpy（myarray中，STR，8）;
 

解决方案

也不应该被使用，在所有。

1. 的sprintf 是pcated危险，德$ P $，并通过的snprintf 取代。与字符串输入的sprintf 安全地使用旧的唯一方法是的sprintf 之前调用要么测量其长度，这是难看，而且容易出错，或通过添加一个字段precision符（如％。8S 或％。* S 与大小限制一个额外的整数参数）。这也是难看，而且容易出错，尤其是当多个％S 说明参与。




2. 函数strncpy 也是危险的。它的不可以 的strcpy 的缓冲区大小的限制版本。它是用于复制字符转换成一个定长的函数，空值的填充的（而不是空值的终止的）阵列，其中该源可以是一个C字符串或固定长度字符数组至少目的地的大小。它的用途是传统的Unix目录表，数据库条目等，与固定大小的文本字段工作，不想在磁盘或内存空终止浪费甚至一个字节。它的可以的被滥用作为一个缓冲区大小的限制的strcpy ，但这样做是有害的，原因有二。首先，它不能为空终止如果使用整个缓冲区为字符串数据（即，如果源字符串长度至少只要DEST缓冲液）。您可以添加终止背自己，但是这是丑陋的，而且容易出错。第二，函数strncpy 总是垫与空字节全部目标缓冲区当源字符串比输出缓冲器短。这简直是​​在浪费时间。

那么，你应该使用呢？

有人喜欢BSD strlcpy 功能。语义上，它等同于的snprintf（DEST，destsize，％S，源）除了返回值是为size_t 并没有对字符串长度的人工 INT_MAX 限制。然而，最流行的非BSD系统缺乏 strlcpy ，而且它很容易使危险的错误，写你自己的，所以如果你想使用它，你应该获得一个安全，已知来自可信来源木材加工的版本。

我的preference是简单地使用的snprintf 任何平凡的字符串建设，的strlen + 的memcpy 对于已测得性能关键的一些琐碎的案件。如果您在使用正确这个成语的习惯得到的，它几乎是不可能不小心写成code。与字符串相关的漏洞。

I can see many sprintf's used in my applications for copying a string.

I have character array

char myarray[10];
const char *str="mystring";

Now if i want want to copy the string str into myarray! is is better to use:

sprintf(myarray,"%s",str);

or

strncpy(myarray,str,8);

解决方案

Neither should be used, at all.

1. sprintf is dangerous, deprecated, and superseded by snprintf. The only way to use the old sprintf safely with string inputs is to either measure their length before calling sprintf, which is ugly and error-prone, or by adding a field precision specifier (e.g. %.8s or %.*s with an extra integer argument for the size limit). This is also ugly and error-prone, especially if more than one %s specifier is involved.

2. strncpy is also dangerous. It is not a buffer-size-limited version of strcpy. It's a function for copying characters into a fixed-length, null-padded (as opposed to null-terminated) array, where the source may be either a C string or a fixed-length character array at least the size of the destination. Its intended use was for legacy unix directory tables, database entries, etc. that worked with fixed-size text fields and did not want to waste even a single byte on disk or in memory for null termination. It can be misused as a buffer-size-limited strcpy, but doing so is harmful for two reasons. First of all, it fails to null terminate if the whole buffer is used for string data (i.e. if the source string length is at least as long as the dest buffer). You can add the termination back yourself, but this is ugly and error-prone. And second, strncpy always pads the full destination buffer with null bytes when the source string is shorter than the output buffer. This is simply a waste of time.

So what should you use instead?

Some people like the BSD strlcpy function. Semantically, it's identical to snprintf(dest, destsize, "%s", source) except that the return value is size_t and it does not impose an artificial INT_MAX limit on string length. However, most popular non-BSD systems lack strlcpy, and it's easy to make dangerous errors writing your own, so if you want to use it, you should obtain a safe, known-working version from a trustworthy source.

My preference is to simply use snprintf for any nontrivial string construction, and strlen+memcpy for some trivial cases that have been measured to be performance-critical. If you get in a habit of using this idiom correctly, it becomes almost impossible to accidentally write code with string-related vulnerabilities.

这篇关于函数strncpy VS的sprintf的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！