Namespaces
Variants
Views
Actions

Difference between revisions of "c/string/byte/strcat"

From cppreference.com
< c‎ | string‎ | byte
m (References; language link)
m (See also: add `memccpy` as an alternative to `strcat` for chaining C-string concatenation)
 
(9 intermediate revisions by 6 users not shown)
Line 16: Line 16:
 
{{dcl end}}
 
{{dcl end}}
  
@1@ Appends a copy of the character string pointed to by {{tt|src}} to the end of the character string pointed to by {{tt|dest}}. The character {{tt|src[0]}} replaces the null terminator at the end of {{tt|dest}}. The resulting byte string is null-terminated. The behavior is undefined if the destination array is not large enough for the contents of both {{tt|str}} and {{tt|dest}} and the terminating null character. The behavior is undefined if the strings overlap.  
+
@1@ Appends a copy of the null-terminated byte string pointed to by {{tt|src}} to the end of the null-terminated byte string pointed to by {{tt|dest}}. The character {{tt|src[0]}} replaces the null terminator at the end of {{tt|dest}}. The resulting byte string is null-terminated.
 +
@@The behavior is undefined if the destination array is not large enough for the contents of both {{tt|src}} and {{tt|dest}} and the terminating null character. The behavior is undefined if the strings overlap. The behavior is undefined if either {{tt|dest}} or {{tt|src}} is not a pointer to a null-terminated byte string.
 
@2@ Same as {{v|1}}, except that it may clobber the rest of the destination array (from the last character written to {{tt|destsz}}) with unspecified values and that the following errors are detected at runtime and call the currently installed [[c/error/set_constraint_handler_s|constraint handler]] function:
 
@2@ Same as {{v|1}}, except that it may clobber the rest of the destination array (from the last character written to {{tt|destsz}}) with unspecified values and that the following errors are detected at runtime and call the currently installed [[c/error/set_constraint_handler_s|constraint handler]] function:
 
:* {{tt|src}} or {{tt|dest}} is a null pointer
 
:* {{tt|src}} or {{tt|dest}} is a null pointer
Line 23: Line 24:
 
:* truncation would occur (the available space at the end of {{tt|dest}} would not fit every character, including the null terminator, of {{tt|src}})
 
:* truncation would occur (the available space at the end of {{tt|dest}} would not fit every character, including the null terminator, of {{tt|src}})
 
:* overlap would occur between the source and the destination strings
 
:* overlap would occur between the source and the destination strings
:As all bounds-checked functions, {{tt|strcat_s}} is only guaranteed to be available if {{c|__STDC_LIB_EXT1__}} is defined by the implementation and if the user defines {{c|__STDC_WANT_LIB_EXT1__}} to the integer constant {{c|1}} before including {{tt|string.h}}.
+
@@The behavior is undefined if the size of the character array pointed to by {{tt|dest}} < {{c|strlen(dest)+strlen(src)+1}} <= {{tt|destsz}}; in other words, an erroneous value of {{tt|destsz}} does not expose the impending buffer overflow.
 +
:{{c/ext1 availability|strcat_s}}
  
 
===Parameters===
 
===Parameters===
Line 34: Line 36:
 
===Return value===
 
===Return value===
 
@1@ returns a copy of {{tt|dest}}
 
@1@ returns a copy of {{tt|dest}}
@2@ returns zero on success, returns non-zero on error. Also, on error, writes zero to {{c|dest[0]}} (unless {{tt|dest}} is a null pointer or {{tt|destsz}} is zero or greater than {{lc|RMAX_SIZE}}).
+
@2@ returns zero on success, returns non-zero on error. Also, on error, writes zero to {{c|dest[0]}} (unless {{tt|dest}} is a null pointer or {{tt|destsz}} is zero or greater than {{lc|RSIZE_MAX}}).
  
 
===Notes===
 
===Notes===
 +
Because {{tt|strcat}} needs to seek to the end of {{tt|dest}} on each call, it is inefficient to concatenate many strings into one using {{tt|strcat}}.
 +
 
{{tt|strcat_s}} is allowed to clobber the destination array from the last character written up to {{tt|destsz}} in order to improve efficiency: it may copy in multibyte blocks and then check for null bytes.
 
{{tt|strcat_s}} is allowed to clobber the destination array from the last character written up to {{tt|destsz}} in order to improve efficiency: it may copy in multibyte blocks and then check for null bytes.
  
The function {{tt|strcat_s}} is similar to the BSD function {{tt|strlcat}}, except that  
+
The function {{tt|strcat_s}} is similar to the [https://www.freebsd.org/cgi/man.cgi?query=strlcat&sektion=3 BSD function {{tt|strlcat}}], except that  
 
* {{tt|strlcat}} truncates the source string to fit in the destination
 
* {{tt|strlcat}} truncates the source string to fit in the destination
 
* {{tt|strlcat}} does not perform all the runtime checks that {{tt|strcat_s}} does
 
* {{tt|strlcat}} does not perform all the runtime checks that {{tt|strcat_s}} does
Line 50: Line 54:
 
  |
 
  |
 
  | code=
 
  | code=
 +
#define __STDC_WANT_LIB_EXT1__ 1
 
#include <string.h>  
 
#include <string.h>  
 
#include <stdio.h>
 
#include <stdio.h>
 +
#include <stdlib.h>
  
 
int main(void)  
 
int main(void)  
Line 61: Line 67:
 
     strcat(str, " Goodbye World!");
 
     strcat(str, " Goodbye World!");
 
     puts(str);
 
     puts(str);
 +
 +
#ifdef __STDC_LIB_EXT1__
 +
    set_constraint_handler_s(ignore_handler_s);
 +
    int r = strcat_s(str, sizeof str, " ... ");
 +
    printf("str = \"%s\", r = %d\n", str, r);
 +
    r = strcat_s(str, sizeof str, " and this is too much");
 +
    printf("str = \"%s\", r = %d\n", str, r);
 +
#endif
 
}
 
}
| output=
+
|p=true
 +
| output=
 
Hello World! ... Goodbye World!
 
Hello World! ... Goodbye World!
 +
str = "Hello World! ... Goodbye World! ... ", r = 0
 +
str = "", r = 22
 
}}
 
}}
  
Line 73: Line 90:
 
{{ref std | section=7.21.3.1  | title=The strcat function | p=327}}
 
{{ref std | section=7.21.3.1  | title=The strcat function | p=327}}
 
{{ref std c89}}
 
{{ref std c89}}
{{ref std | section= | title= }}
+
{{ref std | section=4.11.3.1 | title=The strcat function }}
 
{{ref std end}}
 
{{ref std end}}
  
Line 80: Line 97:
 
{{dsc inc | c/string/byte/dsc strncat}}
 
{{dsc inc | c/string/byte/dsc strncat}}
 
{{dsc inc | c/string/byte/dsc strcpy}}
 
{{dsc inc | c/string/byte/dsc strcpy}}
 +
{{dsc inc | c/string/byte/dsc memccpy}}
 
{{dsc see cpp | cpp/string/byte/strcat}}
 
{{dsc see cpp | cpp/string/byte/strcat}}
 
{{dsc end}}
 
{{dsc end}}
  
[[ar:c/string/byte/strcat]]
+
{{langlinks|ar|cs|de|es|fr|it|ja|ko|pl|pt|ru|tr|zh}}
[[cs:c/string/byte/strcat]]
+
[[de:c/string/byte/strcat]]
+
[[es:c/string/byte/strcat]]
+
[[fr:c/string/byte/strcat]]
+
[[it:c/string/byte/strcat]]
+
[[ja:c/string/byte/strcat]]
+
[[ko:c/string/byte/strcat]]
+
[[pl:c/string/byte/strcat]]
+
[[pt:c/string/byte/strcat]]
+
[[ru:c/string/byte/strcat]]
+
[[tr:c/string/byte/strcat]]
+
[[zh:c/string/byte/strcat]]
+

Latest revision as of 09:08, 14 November 2020

 
C
 
Strings library
 
Null-terminated byte strings
Functions
Character manipulation
Conversions to and from numeric formats
String manipulation
(C11)
(C11)
strcatstrcat_s
(C11)
String examination
Memory manipulation
Miscellaneous
(C11)(C11)
 
Defined in header <string.h>
(1)
char *strcat( char *dest, const char *src );
 (until C99)
char *strcat( char *restrict dest, const char *restrict src );
 (since C99)
errno_t strcat_s(char *restrict dest, rsize_t destsz, const char *restrict src);
 (2) (since C11)
1) Appends a copy of the null-terminated byte string pointed to by src to the end of the null-terminated byte string pointed to by dest. The character src[0] replaces the null terminator at the end of dest. The resulting byte string is null-terminated.
The behavior is undefined if the destination array is not large enough for the contents of both src and dest and the terminating null character. The behavior is undefined if the strings overlap. The behavior is undefined if either dest or src is not a pointer to a null-terminated byte string.
2) Same as (1), except that it may clobber the rest of the destination array (from the last character written to destsz) with unspecified values and that the following errors are detected at runtime and call the currently installed constraint handler function:
  • src or dest is a null pointer
  • destsz is zero or greater than RSIZE_MAX
  • there is no null terminator in the first destsz bytes of dest
  • truncation would occur (the available space at the end of dest would not fit every character, including the null terminator, of src)
  • overlap would occur between the source and the destination strings
The behavior is undefined if the size of the character array pointed to by dest < strlen(dest)+strlen(src)+1 <= destsz; in other words, an erroneous value of destsz does not expose the impending buffer overflow.
As with all bounds-checked functions, strcat_s is only guaranteed to be available if __STDC_LIB_EXT1__ is defined by the implementation and if the user defines __STDC_WANT_LIB_EXT1__ to the integer constant 1 before including <string.h>.

Contents

[edit] Parameters

dest - pointer to the null-terminated byte string to append to
src - pointer to the null-terminated byte string to copy from
destsz - maximum number of characters to write, typically the size of the destination buffer

[edit] Return value

1) returns a copy of dest
2) returns zero on success, returns non-zero on error. Also, on error, writes zero to dest[0] (unless dest is a null pointer or destsz is zero or greater than RSIZE_MAX).

[edit] Notes

Because strcat needs to seek to the end of dest on each call, it is inefficient to concatenate many strings into one using strcat.

strcat_s is allowed to clobber the destination array from the last character written up to destsz in order to improve efficiency: it may copy in multibyte blocks and then check for null bytes.

The function strcat_s is similar to the BSD function strlcat, except that

  • strlcat truncates the source string to fit in the destination
  • strlcat does not perform all the runtime checks that strcat_s does
  • strlcat does not make failures obvious by setting the destination to a null string or calling a handler if the call fails.

Although strcat_s prohibits truncation due to potential security risks, it's possible to truncate a string using bounds-checked strncat_s instead.

[edit] Example

Run this code
#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h> 
#include <stdio.h>
#include <stdlib.h>
 
int main(void) 
{
    char str[50] = "Hello ";
    char str2[50] = "World!";
    strcat(str, str2);
    strcat(str, " ...");
    strcat(str, " Goodbye World!");
    puts(str);
 
#ifdef __STDC_LIB_EXT1__
    set_constraint_handler_s(ignore_handler_s);
    int r = strcat_s(str, sizeof str, " ... ");
    printf("str = \"%s\", r = %d\n", str, r);
    r = strcat_s(str, sizeof str, " and this is too much");
    printf("str = \"%s\", r = %d\n", str, r);
#endif
}

Possible output: 

Hello World! ... Goodbye World!
str = "Hello World! ... Goodbye World! ... ", r = 0
str = "", r = 22

[edit] References

  • C11 standard (ISO/IEC 9899:2011):
  • 7.24.3.1 The strcat function (p: 364)
  • K.3.7.2.1 The strcat_s function (p: 617-618)
  • C99 standard (ISO/IEC 9899:1999):
  • 7.21.3.1 The strcat function (p: 327)
  • C89/C90 standard (ISO/IEC 9899:1990):
  • 4.11.3.1 The strcat function

[edit] See also

(C11)
 concatenates a certain amount of characters of two strings
(function) [edit]
(C11)
 copies one string to another
(function) [edit]
(C23)
 copies one buffer to another, stopping after the specified delimiter
(function) [edit]
C++ documentation for strcat
Retrieved from "https://en.cppreference.com/mwiki/index.php?title=c/string/byte/strcat&oldid=124078"