1 .\" Copyright (C) 1993 David Metcalfe (david@prism.demon.co.uk)
3 .\" %%%LICENSE_START(VERBATIM)
4 .\" Permission is granted to make and distribute verbatim copies of this
5 .\" manual provided the copyright notice and this permission notice are
6 .\" preserved on all copies.
8 .\" Permission is granted to copy and distribute modified versions of this
9 .\" manual under the conditions for verbatim copying, provided that the
10 .\" entire resulting derived work is distributed under the terms of a
11 .\" permission notice identical to this one.
13 .\" Since the Linux kernel and libraries are constantly changing, this
14 .\" manual page may be incorrect or out-of-date. The author(s) assume no
15 .\" responsibility for errors or omissions, or for damages resulting from
16 .\" the use of the information contained herein. The author(s) may not
17 .\" have taken the same level of care in the production of this manual,
18 .\" which is licensed free of charge, as they might when working
21 .\" Formatted or processed versions of this manual, if unaccompanied by
22 .\" the source, must acknowledge the copyright and authors of this work.
25 .\" References consulted:
26 .\" Linux libc source code
27 .\" Lewine's _POSIX Programmer's Guide_ (O'Reilly & Associates, 1991)
29 .\" Modified Sat Jul 24 18:06:49 1993 by Rik Faith (faith@cs.unc.edu)
30 .\" Modified Fri Aug 25 23:17:51 1995 by Andries Brouwer (aeb@cwi.nl)
31 .\" Modified Wed Dec 18 00:47:18 1996 by Andries Brouwer (aeb@cwi.nl)
32 .\" 2007-06-15, Marc Boyer <marc.boyer@enseeiht.fr> + mtk
33 .\" Improve discussion of strncpy().
35 .TH STRCPY 3 2014-05-21 "GNU" "Linux Programmer's Manual"
37 strcpy, strncpy \- copy a string
40 .B #include <string.h>
42 .BI "char *strcpy(char *" dest ", const char *" src );
44 .BI "char *strncpy(char *" dest ", const char *" src ", size_t " n );
49 function copies the string pointed to by
51 including the terminating null byte (\(aq\\0\(aq),
52 to the buffer pointed to by
54 The strings may not overlap, and the destination string
56 must be large enough to receive the copy.
57 .IR "Beware of buffer overruns!"
62 function is similar, except that at most
68 If there is no null byte
75 will not be null-terminated.
82 writes additional null bytes to
84 to ensure that a total of
88 A simple implementation of
95 strncpy(char *dest, const char *src, size_t n)
99 for (i = 0; i < n && src[i] != \(aq\\0\(aq; i++)
102 dest[i] = \(aq\\0\(aq;
113 functions return a pointer to
114 the destination string
117 .SS Multithreading (see pthreads(7))
122 functions are thread-safe.
124 SVr4, 4.3BSD, C89, C99.
126 Some programmers consider
128 to be inefficient and error prone.
129 If the programmer knows (i.e., includes code to test!)
139 One valid (and intended) use of
141 is to copy a C string to a fixed-length buffer
142 while ensuring both that the buffer is not overflowed
143 and that unused bytes in the target buffer are zeroed out
144 (perhaps to prevent information leaks if the buffer is to be
145 written to media or transmitted to another process via an
146 interprocess communication technique).
148 If there is no terminating null byte in the first
153 produces an unterminated string in
159 you can force termination using something like the following:
163 strncpy(buf, str, buflen \- 1);
165 buf[buflen \- 1]= \(aq\\0\(aq;
169 (Of course, the above technique ignores the fact that, if
173 bytes, information is lost in the copying to
177 Some systems (the BSDs, Solaris, and others) provide the following function:
179 size_t strlcpy(char *dest, const char *src, size_t size);
181 .\" http://static.usenix.org/event/usenix99/full_papers/millert/millert_html/index.html
182 .\" "strlcpy and strlcat - consistent, safe, string copy and concatenation"
183 .\" 1999 USENIX Annual Technical Conference
184 This function is similar to
186 but it copies at most
190 always adds a terminating null byte,
191 and does not pad the target with (further) null bytes.
192 This function fixes some of the problems of
196 but the caller must still handle the possibility of data loss if
199 The return value of the function is the length of
201 which allows truncation to be easily detected:
202 if the return value is greater than or equal to
205 If loss of data matters, the caller
207 either check the arguments before the call,
208 or test the function return value.
210 is not present in glibc and is not standardized by POSIX,
211 .\" https://lwn.net/Articles/506530/
212 but is available on Linux via the
216 If the destination string of a
218 is not large enough, then anything might happen.
219 Overflowing fixed-length string buffers is a favorite cracker technique
220 for taking complete control of the machine.
221 Any time a program reads or copies data into a buffer,
222 the program first needs to check that there's enough space.
223 This may be unnecessary if you can show that overflow is impossible,
224 but be careful: programs can get changed over time,
225 in ways that may make the impossible possible.
238 This page is part of release 3.79 of the Linux
241 A description of the project,
242 information about reporting bugs,
243 and the latest version of this page,
245 \%http://www.kernel.org/doc/man\-pages/.