STRCPY(3) | Library Functions Manual | STRCPY(3) |
stpcpy
, strcpy
—
#include <string.h>
char *
stpcpy
(char
* restrict dst, const
char * restrict src);
char *
strcpy
(char
* restrict dst, const
char * restrict src);
stpcpy
() and strcpy
()
functions copy the string src to
dst, including the terminating NUL byte.
The strings src and
dst may not overlap. The string
src must be terminated by a NUL byte. The memory for
dst must have space for
strlen
(src) +
1
bytes.
strcpy
() function returns dst.
The stpcpy
() function returns a pointer to
the terminating NUL byte of dst.
strcpy
() function conforms to
ISO/IEC 9899:1999 (“ISO C99”).
The stpcpy
() function conforms to
IEEE Std 1003.1-2008 (“POSIX.1”).
stpcpy
() function first appeared in
NetBSD 6.0.
strcpy
() and stpcpy
()
functions copy until a NUL terminator without any bounds checks on the size of
the input or output buffers. If the input buffer is missing a NUL terminator,
or the input string is longer than the output buffer, this can lead to crashes
or security vulnerabilities from buffer overruns, including disclosure of
secrets in memory and arbitrary code execution.
The strlcpy(3)
function is a safer replacement for strcpy
() which
allows the caller to specify the space allocated for
dst.
strlcpy(3), or
snprintf(3) with a format
string of "%s"
, should be used instead of
strcpy
() and stpcpy
()
wherever possible to avoid buffer overruns in dst.
(However, they still require src to be
NUL-terminated.)
August 11, 2023 | NetBSD 10.1 |