LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 12-31-2004, 12:00 AM   #1
marales314
LQ Newbie
 
Registered: Dec 2004
Distribution: Debian
Posts: 26

Rep: Reputation: 16
Strings and input


When someone types in a string, like "hi I am Bill", how do you do something where you test to see if your string (array of characters) matches that?

Would it be something like: if msg[20] == "hi I am Bill" ?
I can't seem to get this to work.
 
Old 12-31-2004, 12:07 AM   #2
leonscape
Senior Member
 
Registered: Aug 2003
Location: UK
Distribution: Debian SID / KDE 3.5
Posts: 2,313

Rep: Reputation: 48
I presume where talking C?

Code:
if ( !strcmp( msg, "hi I am Bill" ) )
   //we have a match
else
   //No match
You need to check out The GNU C Library, specifaclly the String and Array Utilities section.
 
Old 12-31-2004, 12:33 AM   #3
fr0zen
Member
 
Registered: Nov 2003
Location: 127.0.0.1
Distribution: xubuntu
Posts: 217

Rep: Reputation: 30
And if you happen to know the maximum size of the buffer, you might as well just use strncmp since it's a safer function.

Code:
char msg[20];
strcpy(msg, "Hi, My name is Bill.");

int result = strncmp( msg, "Hi, My name is Bill.", 20);
if(result == 0) 
 // the strings match
else if(result < 0)
 // the first string is "less" than the second
else if(result > 0)
 // the first string is "greater" than the second
 
Old 12-31-2004, 02:43 AM   #4
itsme86
Senior Member
 
Registered: Jan 2004
Location: Oregon, USA
Distribution: Slackware
Posts: 1,246

Rep: Reputation: 59
Quote:
Originally posted by fr0zen
And if you happen to know the maximum size of the buffer, you might as well just use strncmp since it's a safer function.
How is strncmp() safer than strcmp()?
 
Old 12-31-2004, 04:55 AM   #5
bigearsbilly
Senior Member
 
Registered: Mar 2004
Location: england
Distribution: NetBSD, Void, Debian, Mint, Ubuntu, Puppy, Raspbian
Posts: 3,487

Rep: Reputation: 233Reputation: 233Reputation: 233
because it checks the size of the buffer before comparing.
this stops buffer over-runs which are a major source of
run-time crashes in C and best practice for program security.

If you read most linux security issues they are to do with buffer
overruns from using things like strcat instead of strncat etc.

billy
 
Old 12-31-2004, 06:54 AM   #6
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 111Reputation: 111
Quote:
Originally posted by bigearsbilly
because it checks the size of the buffer before comparing.
this stops buffer over-runs which are a major source of
run-time crashes in C and best practice for program security.

If you read most linux security issues they are to do with buffer
overruns from using things like strcat instead of strncat etc.
While this does sound logic, it's not really true in this case.

A buffer overrun occurs when the program writes past the end of the allocated buffer. But this is about strcmp(), which only reads 2 buffers. This is confirmed by the prototype of strcmp(): Both string parameters are declared as "const char *". The "const" specification ensures us the function will not write to the buffers.

Of course it is possible for strcmp() to read past the end of the buffer which may cause the program to crash with a segmentation fault. So you may think this introduces at least a Denial Of Service vulnerability in the program which can be prevented by using strncmp() instead of strcmp().

But think again: This can will only happen when the string in the buffer is not '\0'-terminated correctly. If this is the case, then this happened when the string-buffer was written i.e. read from user input, constructed with strcpy(), strcat(), gets() or the similar.

So a bug causing strcmp() to segfault is not in calling strcmp(), but before that, when the buffer was written.

Nontheless, using strncmp() instead of strcmp() cannot really harm. Only the performance may be slightly less. And in corner cases it may hide a real bug when a buffer is written by not segfaulting when a segfault would reveal the real buffer-bug somewhere else in the program where the buffer was written (as described above).

Last edited by Hko; 12-31-2004 at 07:06 AM.
 
Old 01-24-2005, 01:32 AM   #7
marales314
LQ Newbie
 
Registered: Dec 2004
Distribution: Debian
Posts: 26

Original Poster
Rep: Reputation: 16
wow! thank you.. Sorry I haven't responded to this, but it's exactly what I was wondering.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to find duplicate strings in vertical column of strings markhod Programming 7 11-02-2005 05:04 AM
Ctrl+Shift Unicode input gone, after installing Japanese Input Methodes polemon Linux - Newbie 1 09-20-2005 06:17 PM
strings in c djgerbavore Programming 8 01-11-2005 05:27 PM
Sendmail: timeout waiting for input from local during Draining Input andrewstr Linux - Software 0 07-14-2004 02:43 PM
my mouse input is takes as keyboard input in BASH e1000 Slackware 5 12-08-2003 04:00 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 01:24 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration