Difference between revisions of "c/string/byte/strcpy"

Latest revision as of 19:44, 30 July 2023

Defined in header `<string.h>`
	(1)
char strcpy( char dest, const char *src );			(until C99)
char strcpy( char restrict dest, const char *restrict src );			(since C99)
errno_t strcpy_s( char restrict dest, rsize_t destsz, const char restrict src );		(2)	(since C11)

1) Copies the null-terminated byte string pointed to by src, including the null terminator, to the character array whose first element is pointed to by dest.

The behavior is undefined if the dest array is not large enough. The behavior is undefined if the strings overlap. The behavior is undefined if either dest is not a pointer to a character array or src is not a pointer to a null-terminated byte string.

2) Same as (1), except that it may clobber the rest of the destination array with unspecified values and that the following errors are detected at runtime and call the currently installed constraint handler function:

src or dest is a null pointer
destsz is zero or greater than RSIZE_MAX
destsz is less or equal strnlen_s(src, destsz); in other words, truncation would occur
overlap would occur between the source and the destination strings

The behavior is undefined if the size of the character array pointed to by dest <= strnlen_s(src, destsz) < destsz; in other words, an erroneous value of destsz does not expose the impending buffer overflow.

As with all bounds-checked functions, strcpy_s is only guaranteed to be available if __STDC_LIB_EXT1__ is defined by the implementation and if the user defines __STDC_WANT_LIB_EXT1__ to the integer constant 1 before including <string.h>.

#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
 
int main(void)
{
    const char *src = "Take the test.";
//  src[0] = 'M' ; // this would be undefined behavior
    char dst[strlen(src) + 1]; // +1 to accommodate for the null terminator
    strcpy(dst, src);
    dst[0] = 'M'; // OK
    printf("src = %s\ndst = %s\n", src, dst);
 
#ifdef __STDC_LIB_EXT1__
    set_constraint_handler_s(ignore_handler_s);
    int r = strcpy_s(dst, sizeof dst, src);
    printf("dst = \"%s\", r = %d\n", dst, r);
    r = strcpy_s(dst, sizeof dst, "Take even more tests.");
    printf("dst = \"%s\", r = %d\n", dst, r);
#endif
}

Possible output:

src = Take the test.
dst = Make the test.
dst = "Take the test.", r = 0
dst = "", r = 22

[edit] References

C17 standard (ISO/IEC 9899:2018):

7.24.2.3 The strcpy function (p: 264-265)

K.3.7.1.3 The strcpy_s function (p: 447)

C11 standard (ISO/IEC 9899:2011):

7.24.2.3 The strcpy function (p: 363)

K.3.7.1.3 The strcpy_s function (p: 615-616)

C99 standard (ISO/IEC 9899:1999):

7.21.2.3 The strcpy function (p: 326)

C89/C90 standard (ISO/IEC 9899:1990):

4.11.2.3 The strcpy function

[edit] See also

strncpystrncpy_s (C11)	copies a certain amount of characters from one string to another (function) [edit]
memcpymemcpy_s (C11)	copies one buffer to another (function) [edit]
wcscpywcscpy_s (C95)(C11)	copies one wide string to another (function) [edit]
strdup (dynamic memory TR)	allocate a copy of a string (function) [edit]
C++ documentation for strcpy

@@ Line 1: / Line 1: @@
-{{c/title| strcpy}}
+{{c/title| strcpy|strcpy_s}}
 {{c/string/byte/navbar}}
-{{ddcl | header=string.h |
+{{dcl begin}}
+{{dcl header | string.h}}
+{{dcl rev begin|num=1}}
+{{dcl | until=c99 |
 char *strcpy( char *dest, const char *src );
 }}
+{{dcl | since=c99 |
+char *strcpy( char *restrict dest, const char *restrict src );
+}}
+{{dcl rev end}}
+{{dcl |num=2| since=c11 |
+errno_t strcpy_s( char *restrict dest, rsize_t destsz, const char *restrict src );
+}}
+{{dcl end}}
-Copies the byte string pointed to by {{tt|src}} to byte string, pointed to by {{tt|dest}}.
+@1@ Copies the null-terminated byte string pointed to by {{tt|src}}, including the null terminator, to the character array whose first element is pointed to by {{tt|dest}}.
+@@The behavior is undefined if the {{tt|dest}} array is not large enough. The behavior is undefined if the strings overlap. The behavior is undefined if either {{tt|dest}} is not a pointer to a character array or {{tt|src}} is not a pointer to a null-terminated byte string.
-If the strings overlap, the behavior is undefined.
+@2@ Same as {{v|1}}, except that it may clobber the rest of the destination array with unspecified values and that the following errors are detected at runtime and call the currently installed [[c/error/set_constraint_handler_s|constraint handler]] function:
+:* {{tt|src}} or {{tt|dest}} is a null pointer
+:* {{tt|destsz}} is zero or greater than {{lc|RSIZE_MAX}}
+:* {{tt|destsz}} is less or equal {{c|strnlen_s(src, destsz)}}; in other words, truncation would occur
+:* overlap would occur between the source and the destination strings
+@@The behavior is undefined if the size of the character array pointed to by {{tt|dest}} <= {{c|strnlen_s(src, destsz)}} < {{tt|destsz}}; in other words, an erroneous value of {{tt|destsz}} does not expose the impending buffer overflow.
+:{{c/ext1 availability|strcpy_s}}
 ===Parameters===
-{{param list begin}}
+{{par begin}}
-{{param list item | dest | pointer to the byte string to copy to}}
+{{par | dest | pointer to the character array to write to}}
-{{param list item | src | pointer to the null-terminated byte string to copy from}}
+{{par | src | pointer to the null-terminated byte string to copy from}}
-{{param list end}}
+{{par | destsz | maximum number of characters to write, typically the size of the destination buffer}}
+{{par end}}
 ===Return value===
-{{tt|dest}}
+@1@ returns a copy of {{tt|dest}}
+@2@ returns zero on success, returns non-zero on error. Also, on error, writes zero to {{c|dest[0]}} (unless {{tt|dest}} is a null pointer or {{tt|destsz}} is zero or greater than {{lc|RSIZE_MAX}}).
+===Notes===
+{{tt|strcpy_s}} is allowed to clobber the destination array from the last character written up to {{tt|destsz}} in order to improve efficiency: it may copy in multibyte blocks and then check for null bytes.
+The function {{tt|strcpy_s}} is similar to the BSD function {{tt|strlcpy}}, except that
+* {{tt|strlcpy}} truncates the source string to fit in the destination (which is a security risk)
+* {{tt|strlcpy}} does not perform all the runtime checks that {{tt|strcpy_s}} does
+* {{tt|strlcpy}} does not make failures obvious by setting the destination to a null string or calling a handler if the call fails.
+Although {{tt|strcpy_s}} prohibits truncation due to potential security risks, it's possible to truncate a string using bounds-checked {{lc|strncpy|strncpy_s}} instead.
 ===Example===
 {{example
- |
+|code=
-  | code=
+#define __STDC_WANT_LIB_EXT1__ 1
- | output=
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+int main(void)
+{
+    const char *src = "Take the test.";
+//  src[0] = 'M' ; // this would be undefined behavior
+    char dst[strlen(src) + 1]; // +1 to accommodate for the null terminator
+    strcpy(dst, src);
+    dst[0] = 'M'; // OK
+    printf("src = %s\ndst = %s\n", src, dst);
+#ifdef __STDC_LIB_EXT1__
+    set_constraint_handler_s(ignore_handler_s);
+    int r = strcpy_s(dst, sizeof dst, src);
+    printf("dst = \"%s\", r = %d\n", dst, r);
+    r = strcpy_s(dst, sizeof dst, "Take even more tests.");
+    printf("dst = \"%s\", r = %d\n", dst, r);
+#endif
+}
+|p=true
+|output=
+src = Take the test.
+dst = Make the test.
+dst = "Take the test.", r = 0
+dst = "", r = 22
 }}
+===References===
+{{ref std c17}}
+{{ref std | section=7.24.2.3  | title=The strcpy function | p=264-265}}
+{{ref std | section=K.3.7.1.3 | title=The strcpy_s function | p=447}}
+{{ref std end}}
+{{ref std c11}}
+{{ref std | section=7.24.2.3  | title=The strcpy function | p=363}}
+{{ref std | section=K.3.7.1.3 | title=The strcpy_s function | p=615-616}}
+{{ref std end}}
+{{ref std c99}}
+{{ref std | section=7.21.2.3  | title=The strcpy function | p=326}}
+{{ref std end}}
+{{ref std c89}}
+{{ref std | section=4.11.2.3 | title=The strcpy function }}
+{{ref std end}}
 ===See also===
-{{dcl list begin}}
+{{dsc begin}}
-{{dcl list template | c/string/byte/dcl list strncpy}}
+{{dsc inc | c/string/byte/dsc strncpy}}
-{{dcl list template | c/string/byte/dcl list memcpy}}
+{{dsc inc | c/string/byte/dsc memcpy}}
-{{dcl list see cpp | cpp/string/byte/strcpy}}
+{{dsc inc | c/string/wide/dsc wcscpy}}
-{{dcl list end}}
+{{dsc inc | c/experimental/dynamic/dsc strdup}}
+{{dsc see cpp | cpp/string/byte/strcpy}}
+{{dsc end}}
-[[ru:c/string/byte/strcpy]]
+{{langlinks|ar|cs|de|es|fr|it|ja|ko|pl|pt|ru|tr|zh}}

Compiler support
Language
Headers
Type support
Program utilities
Variadic function support
Error handling
Dynamic memory management
Strings library
Algorithms
Numerics
Date and time utilities
Input/output support
Localization support
Concurrency support (C11)
Technical Specifications
Symbol index

cppreference.com

Namespaces

Variants

Views

Actions

Difference between revisions of "c/string/byte/strcpy"

Latest revision as of 19:44, 30 July 2023

Contents

[edit] Parameters

[edit] Return value

[edit] Notes

[edit] Example

[edit] References

[edit] See also

Navigation

Toolbox

dest	-	pointer to the character array to write to
src	-	pointer to the null-terminated byte string to copy from
destsz	-	maximum number of characters to write, typically the size of the destination buffer