Provided by: manpages-dev_5.05-1_all bug


       strcpy, strncpy - copy a string


       #include <string.h>

       char *strcpy(char *dest, const char *src);

       char *strncpy(char *dest, const char *src, size_t n);


       The  strcpy() function copies the string pointed to by src, including the terminating null
       byte ('\0'), to the buffer pointed to by dest.  The  strings  may  not  overlap,  and  the
       destination  string  dest  must  be  large  enough  to receive the copy.  Beware of buffer
       overruns!  (See BUGS.)

       The strncpy() function is similar, except  that  at  most  n  bytes  of  src  are  copied.
       Warning:  If  there  is  no null byte among the first n bytes of src, the string placed in
       dest will not be null-terminated.

       If the length of src is less than n, strncpy() writes additional null  bytes  to  dest  to
       ensure that a total of n bytes are written.

       A simple implementation of strncpy() might be:

           char *
           strncpy(char *dest, const char *src, size_t n)
               size_t i;

               for (i = 0; i < n && src[i] != '\0'; i++)
                   dest[i] = src[i];
               for ( ; i < n; i++)
                   dest[i] = '\0';

               return dest;


       The strcpy() and strncpy() functions return a pointer to the destination string dest.


       For an explanation of the terms used in this section, see attributes(7).

       │InterfaceAttributeValue   │
       │strcpy(), strncpy() │ Thread safety │ MT-Safe │


       POSIX.1-2001, POSIX.1-2008, C89, C99, SVr4, 4.3BSD.


       Some  programmers consider strncpy() to be inefficient and error prone.  If the programmer
       knows (i.e., includes code to test!)  that the size of dest is greater than the length  of
       src, then strcpy() can be used.

       One  valid  (and intended) use of strncpy() is to copy a C string to a fixed-length buffer
       while ensuring both that the buffer is  not  overflowed  and  that  unused  bytes  in  the
       destination  buffer  are zeroed out (perhaps to prevent information leaks if the buffer is
       to be written to media or transmitted to another process via an interprocess communication

       If  there  is  no terminating null byte in the first n bytes of src, strncpy() produces an
       unterminated string in dest.  If buf has length buflen, you can  force  termination  using
       something like the following:

           if (buflen > 0) {
               strncpy(buf, str, buflen - 1);
               buf[buflen - 1]= '\0';

       (Of  course,  the  above  technique  ignores  the  fact  that,  if  src contains more than
       buflen - 1 bytes, information is lost in the copying to dest.)

       Some systems (the BSDs, Solaris, and others) provide the following function:

           size_t strlcpy(char *dest, const char *src, size_t size);

       This function is similar to strncpy(), but it copies at most size-1 bytes to dest,  always
       adds  a terminating null byte, and does not pad the destination with (further) null bytes.
       This function fixes some of the problems of strcpy() and strncpy(), but  the  caller  must
       still  handle  the possibility of data loss if size is too small.  The return value of the
       function is the length of src, which allows truncation  to  be  easily  detected:  if  the
       return  value  is  greater  than  or  equal to size, truncation occurred.  If loss of data
       matters, the caller must either check the arguments before the call, or test the  function
       return  value.  strlcpy() is not present in glibc and is not standardized by POSIX, but is
       available on Linux via the libbsd library.


       If the destination string of a strcpy() is not large enough, then anything  might  happen.
       Overflowing  fixed-length  string  buffers  is  a  favorite  cracker  technique for taking
       complete control of the machine.  Any time a program reads or copies data into  a  buffer,
       the  program  first  needs to check that there's enough space.  This may be unnecessary if
       you can show that overflow is impossible, but be careful: programs can  get  changed  over
       time, in ways that may make the impossible possible.


       bcopy(3),  memccpy(3), memcpy(3), memmove(3), stpcpy(3), stpncpy(3), strdup(3), string(3),
       wcscpy(3), wcsncpy(3)


       This page is part of release 5.05 of the Linux man-pages project.  A  description  of  the
       project,  information  about  reporting  bugs, and the latest version of this page, can be
       found at