string concatenation

string concatenation

Post by shri_gajar » Thu, 12 Feb 2004 21:53:45


hi all,

i am writing a code in which i have a char buffer "cwdir[]"
which hold the current working directory by calling the function
getcwd(). later i change the directory to "/" as i have to make my
code Deamon. and later again i want to run some other executable
available at the path holded by the "cwdir[]" using the system()
system call. presently i concatenate program name (to be executed) to
the "cwdir[]" and use system(chdir)to run the program.

do we have any facility to automate this process as i need to run
many other programs also using the system() system call for ex as we
can use the ## symbol to cancatenate in macro ...

--shri
 
 
 

string concatenation

Post by Douglas A. » Fri, 13 Feb 2004 05:49:09


I *think* that what you are asking for is strcpy(), strcat(), etc.
You might also want to use strdup(), which is not specified in the
C standard but is available in every modern Unix system's C library.
And of course in the Unix (POSIX) system C library is also a family
of exec() functions. Learn to use "man -k", and also study a good
Unix programming text such as Kernighan & Pike.

It should also be noted that you shouldn't be writing programs that
run with elevated privilege (set-UID, daemon) without knowing a lot
more about security loopholes than you seem to be aware of.

 
 
 

string concatenation

Post by Sean Burk » Sat, 14 Feb 2004 16:17:54


"Douglas A. Gwyn" < XXXX@XXXXX.COM > writes:


Since you mention security (e.g. buffer overflows),
it's worth adding that strcpy, strcat have long since
been deprecated in favor of strlcpy, strlcat.

-SEan
 
 
 

string concatenation

Post by rlb » Sat, 14 Feb 2004 17:06:19


Not in ISO C, they haven't. Maybe in POSIX.

Richard
 
 
 

string concatenation

Post by Douglas A. » Sat, 14 Feb 2004 18:32:07


If you think that helps very much with security
then you're much mistaken. Presumably the idea is
to prevent buffer overflows, but that can also be
done in many other ways, many of them involving
only the standard C library functions. And anyway
neither an unchecked failure to fill a buffer nor
an unchecked truncation of the contents of a buffer
is very good from the standpoint of security. It's
a big subject, and as usual the attempt to automate
correct programming just changes the symptoms of a
problem without curing the disease.
 
 
 

string concatenation

Post by mru » Sat, 14 Feb 2004 18:41:59

Sean Burke < XXXX@XXXXX.COM > writes:


I can't find those anywhere on my system, only strncpy and strncat.
The latter are defined by ISO C.

--
Ms Rullgd
XXXX@XXXXX.COM
 
 
 

string concatenation

Post by Walter Bri » Sat, 14 Feb 2004 19:19:47

In message < XXXX@XXXXX.COM > of Fri, 13 Feb 2004
08:06:19 in comp.std.c, Richard Bos < XXXX@XXXXX.COM > writes


Neither there!
( http://www.yqcomputer.com/ )

They ARE documented at http://www.yqcomputer.com/

My summary of that is
size_t strlcpy(char *dst, const char *src, size_t size);
Copy a string of up to size-1 bytes from src to dst. Return strlen(src).

size_t strlcat(char *dst, const char *src, size_t size);
Concatenate bytes from src to dst to form a string with strlen(dst) <
size. Return strlen(dst) /* before concatenation */ + strlen(src).

The functions allow buffer overflow elimination.
For a pathological case given, strlcpy is slightly slower than strcpy
and much faster than strncpy because strncpy pads with nul bytes.

The authors added them to OpenBSD in 1996 and report their approval for
a future Solaris version in their undated paper. Source code is said to
be available at ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string

Have the functions been submitted for C standardisation?
--
Walter Briscoe
 
 
 

string concatenation

Post by rlb » Sat, 14 Feb 2004 20:28:28


Nice, meaningless statement; so does strncat(), and so does using
strlen() and inserting a '\0' at the right place before using strcpy().


No. Might be a nice addition, but I wouldn't describe them as vital.
Mind you, I won't complain if they _are_ added to C20XX.

Richard
 
 
 

string concatenation

Post by robert.tho » Sat, 14 Feb 2004 20:45:19


Have they?

They are not present in many frequently used operating systems.

They are not AFAIK part of the C standard, nor are they AFAIK part of
the POSIX standard.
 
 
 

string concatenation

Post by Dan.Po » Sat, 14 Feb 2004 21:09:17

In < XXXX@XXXXX.COM > Sean Burke < XXXX@XXXXX.COM > writes:


On the contrary, any C program using these identifiers with external
linkage invokes undefined behaviour.

Whoever wanted to improve upon strcpy and friends should have had enough
clues to avoid identifiers belonging to the implementation name space.

lstrcpy() and lstrcat() would have been ideal names for this purpose.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: XXXX@XXXXX.COM
 
 
 

string concatenation

Post by Maurizio L » Sat, 14 Feb 2004 21:24:39


XXXX@XXXXX.COM (Dan Pop) writes:


Maybe Mr. Burke misspelled "strncpy" and "strncat", mentioned in
ISO/IEC 9899:1999 under 7.21.2.4 and 7.21.3.2 ? Their prototypes (in
<string.h>) are

char *strncpy(char * restrict, const char * restrict, size_t);
char *strncat(char * restrict, const char * restrict, size_t);

--
Maurizio Loreti http://www.yqcomputer.com/ ~loreti/mlo.html
Dept. of Physics, Univ. of Padova, Italy ROT13: XXXX@XXXXX.COM
 
 
 

string concatenation

Post by mru » Sat, 14 Feb 2004 21:47:32

Maurizio Loreti < XXXX@XXXXX.COM > writes:


Maybe he meant those, but the non-standard strl* variants are more
useful. The return values from the standard str* functions are
utterly useless, since you already knew the value. Returning the
number bytes copied is much more useful. BTW, str*cat should be used
sparingly. In most cases you have, or can easily get (cheaper than
scanning), a pointer to the end of the destination string.

--
Ms Rullgd
XXXX@XXXXX.COM
 
 
 

string concatenation

Post by Sean Burk » Sun, 15 Feb 2004 02:12:51


Maurizio Loreti < XXXX@XXXXX.COM > writes:


No, I meant strlcpy/strlcat, and I find them to be better
than the strn* calls. I'm astonished to learn that they
aren't yet standardised.

-SEan
 
 
 

string concatenation

Post by Sean Burk » Sun, 15 Feb 2004 02:31:48


XXXX@XXXXX.COM (Richard Bos) writes:




Don't tell me that snprintf, vsnprintf() are also nonstandard?

-SEan
 
 
 

string concatenation

Post by James Kuyp » Sun, 15 Feb 2004 02:48:53


...

No: see sections 7.19.6.5 and 7.19.6.12.