ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Could you provide some details regarding your understanding of "the best practice of c-style stings (sic)"? Concrete examples might help your LQ colleagues in helping you.
P.S.: I hope you do not mind that I am taking your thread off the zero-reply list but I hope this will prove to be benefical.
Strings are arrays of characters and have different functions like adding strings, finding the length of strings, and also checking to see if strings match. Here are a few examples:
Code:
strcmp()
strcmp will accept two strings. It will return an integer
Code:
strcat()
strcat is short for string concatenate, which means to add to the end, or append
Code:
strcpy()
strcpy is short for string copy, which means it copies the entire contents of 'src' into 'dest'.
Code:
strlen()
strlen will return the length of a string, minus the terminating character ('\0')
As for a better practice for c-strings; maybe there is or maybe there isn't.
I guess it depends on you.
If you want more info check the websites "http://cprogramming.com" and "http://www.programmersheaven.com" and there are more tutorials on strings on the Internet.
The best practice is to not use these functions. They don't take the string's length as a parameter, and therefore make it much more likely that your code will be vulnerable to buffer overflows. The functions to use instead are strncmp, strncat and strncpy.
Yeah, ozanbaba. What does that mean? Examples of good and bad ones (and why they're good or bad) please.
Also, I noticed that the question is about "C-style strings" and not "strings in C". C++ uses C-style strings by default. However, in C++ the best practice is to use the string class in their place whenever possible.
And to avoid the buffer overflow vulnerability, see post #5: prefer functions that take the string's length over those that don't.
Yeah, ozanbaba. What does that mean? Examples of good and bad ones (and why they're good or bad) please.
Also, I noticed that the question is about "C-style strings" and not "strings in C". C++ uses C-style strings by default. However, in C++ the best practice is to use the string class in their place whenever possible.
And to avoid the buffer overflow vulnerability, see post #5: prefer functions that take the string's length over those that don't.
Please do go on. I'm learning more from each exchange
Edit
@OP
Thank you for your ambiguity. This thread is great so far.
I found this tutorial in "http://www.learncpp.com/cpp-tutorial/66-c-style-strings/. I only listed the most important content of the tutorial. Here it is:
Why did we declare the string to be 255 characters long? The answer is that we don’t know how many characters the user is going to enter. We are using this array of 255 characters as a buffer. A buffer is memory set aside temporarily to hold data. In this case, we’re temporarily holding the user input before we write it out using cout.
If the user were to enter more characters than our array could hold, we would get a buffer overflow. A buffer overflow occurs when the program tries to store more data in a buffer than the buffer can hold. Buffer overflow results in other memory being overwritten, which usually causes a program crash, but can cause any number of other issues. By making our buffer 255 charaters long, we are guessing that the user will not enter this many characters. Although this is commonly seen in C/C++ programming, it is poor programming.
The recommended way of reading strings using cin is as follows:
This call to cin.getline() will read up to 254 characters into szString (leaving room for the null terminator!). Any excess characters will be discarded. In this way, we guarantee that buffer overflow will not occur.
This should give you an insight of what are buffers and buffer overflows. Hopefully this would give you a clear idea on how to avoid buffer overflows. You can go to the site if you want to see the whole tutorial.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
