strncat, strncat_s
From cppreference.com
| Defined in header <string.h>
|
||
| (1) | ||
| char *strncat( char *dest, const char *src, size_t count ); |
(until C99) | |
| char *strncat( char *restrict dest, const char *restrict src, size_t count ); |
(since C99) | |
| errno_t strncat_s(char *restrict dest, rsize_t destsz, const char *restrict src, rsize_t count); |
(2) | (since C11) |
1) Appends at most
count characters from the character array pointed to by src, stopping if the null character is found, to the end of the null-terminated byte string pointed to by dest. The character src[0] replaces the null terminator at the end of dest. The terminating null character is always appended in the end (so the maximum number of bytes the function may write is count+1). The behavior is undefined if the destination array does not have enough space for the contents of both
dest and the first count characters of src, plus the terminating null character. The behavior is undefined if the source and destination objects overlap. The behavior is undefined if either dest is not a pointer to a null-terminated byte string or src is not a pointer to a character array,2) Same as (1), except that this function may clobber the remainder of the destination array (from the last byte written to
destsz) and that the following errors are detected at runtime and call the currently installed constraint handler function:
-
srcordestis a null pointer -
destszorcountis zero or greater than RSIZE_MAX - there is no null character in the first
destszbytes ofdest - truncation would occur:
countor the length ofsrc, whichever is less, exceeds the space available between the null terminator ofdestanddestsz. - overlap would occur between the source and the destination strings
-
The behavior is undefined if the size of the character array pointed to by
dest < strnlen(dest,destsz)+strnlen(src,count)+1 < destsz; in other words, an erroneous value of destsz does not expose the impending buffer overflow. The behavior is undefined if the size of the character array pointed to by src < strnlen(src,count) < destsz; in other words, an erroneous value of count does not expose the impending buffer overflow.
- As all bounds-checked functions,
strncat_sis only guaranteed to be available if __STDC_LIB_EXT1__ is defined by the implementation and if the user defines __STDC_WANT_LIB_EXT1__ to the integer constant 1 before includingstring.h.
Parameters
| dest | - | pointer to the null-terminated byte string to append to |
| src | - | pointer to the character array to copy from |
| count | - | maximum number of characters to copy |
| destsz | - | the size of the destination buffer |
Return value
1) returns a copy of
dest2) returns zero on success, returns non-zero on error. Also, on error, writes zero to dest[0] (unless
dest is a null pointer or destsz is zero or greater than RMAX_SIZE).Notes
Although truncation to fit the destination buffer is a security risk and therefore a runtime constraints violation for strncat_s, it is possible to get the truncating behavior by specifying count equal to the size of the destination array minus one: it will copy the first count bytes and append the null terminator as always: strncat_s(dst, sizeof dst, src, (sizeof dst)-strnlen_s(dst, sizeof dst)-1);