By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,983 Members | 2,049 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,983 IT Pros & Developers. It's quick & easy.

Alternative to strcpy

P: 72
Was just wondering if there was an alternative to the strcpy function?
Have done up my assignment on buffer overrun than I realised that I cannot use the strcpy function as stated in the question paper.

Did some search around the internet and found things like strncpy but I dun think I can use that as it specifies the number of characters to copy which will not give me the same effect as strcpy.

Will still continue to search in the mean time.

Thanks in advance. :)
Aug 10 '07 #1
Share this Question
Share on Google+
5 Replies


weaknessforcats
Expert Mod 5K+
P: 9,197
There is no alternative to strcpy(). Only strcpy() will copy characters until it reaches a \0 whether it has corrupted your memory or not. It doesn't care. Hackers love this thing.

All replacements a) require you know ahead of time how big the target buffer is (like MS strcpy_s()) or b) overload the assignment operator (C++ only) and not use strcpy() in the assignment of youer class members.

That is:
If you are using C++ you should not be using anything from the C string library. You should be using C++ string objects instead.
If you are using C, then you will need to know the size of the target buffer. A function like this can be written in five minutes.
Aug 10 '07 #2

Expert 10K+
P: 11,448
If you are using C, then you will need to know the size of the target buffer. A function like this can be written in five minutes.
If the function is just passed an address it'll be a hell of a job to determine
whether or not a certain string will fit in there; iow what the 'size' of the buffer
is located at that particular address.

kind regards,

Jos
Aug 10 '07 #3

weaknessforcats
Expert Mod 5K+
P: 9,197
If the function is just passed an address it'll be a hell of a job to determine
whether or not a certain string will fit in there; iow what the 'size' of the buffer
is located at that particular address.
Yes indeed. So in C you would write a struct with a char* and an unisgned int member for the size of the buffer (not the size of the string). Then you would use these struct variables as your string and write a bevy of functions that use the struct. Eventually, you would replace the entire C string library.

You would do the same thing in C++ with appropriate access specifiers and member functions. That is, the basic_string<> template.
Aug 10 '07 #4

Expert 10K+
P: 11,448
Yes indeed. So in C you would write a struct with a char* and an unisgned int member for the size of the buffer (not the size of the string). Then you would use these struct variables as your string and write a bevy of functions that use the struct. Eventually, you would replace the entire C string library.

You would do the same thing in C++ with appropriate access specifiers and member functions. That is, the basic_string<> template.
C is just structured assembly language; we shouldn't expect utter safety from it
and we certainly shouldn't ask C to protect us from our own bloopers. If someone
wants a safe programming language s/he should program in an interpreted form
of some language; C just shoots us in the foot if we goof; C++ is a bit meaner:
it also stabs us in the back when we don't pay attention for a moment ;-)

kind regards,

Jos
Aug 10 '07 #5

P: 72
wow lots of stuff to digest here... thanks for the tips... :)
Aug 10 '07 #6

Post your reply

Sign in to post your reply or Sign up for a free account.