Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How does strcpy_s work?

Tags:

c

string

strcpy

As we all know, strcpy_s is a safety version of strcpy.

But I wonder how it works ...

let's see some examples.

strpy_s's declaration:
errno_t strcpy_s(_CHAR *_DEST, size_t _SIZE, const _CHAR *_SRC)

eg1

char dest[5];
char* src = "abcdefg";
strcpy_s(dest,5,src);

It will return an assertion.
I think I can understand this, use _SIZE to make sure we can't copy more characters than _SIZE

But.. I can't understand this:

char dest[5];
char* src = "abcdefg";
strcpy_s(dest,10,src);

we can still get a assertion, how did that happened?

ps,error was:

Debug Assertion Failed
expression : (L"Buffer is too small "&&0)


In VS2013

will strcpy_s checks the size of dest inside its body?? and if it's true , how? how to check a pointer like _DEST?

like image 653
Joey Avatar asked Apr 26 '14 05:04

Joey


3 Answers

In DEBUG mode, MicroSoft APIs fill the buffer with 0xfd, so they can check for an overflow.

This function doesn't truncate the copied string, but raises an exception!

It's always a pain to specify the size of the dest buffer (use _countof rather than sizeof), mostly when you use a pointer!

I have more problems with those "_s" APIs than with the standards ones!!

like image 169
Ananké Avatar answered Oct 06 '22 20:10

Ananké


MSDN Says "The strcpy_s function copies the contents in the address of strSource, including the terminating null character, to the location that's specified by strDestination. The destination string must be large enough to hold the source string and its terminating null character. The behavior of strcpy_s is undefined if the source and destination strings overlap."

like image 22
Santosh Dhanawade Avatar answered Oct 06 '22 20:10

Santosh Dhanawade


This is actually how to get the size of a stack array at run time without decaying it to a pointer:

template<typename T, size_t N> 
size_t arrSize(T (&array)[N])  
{
  return N;
}

You send it as a template reference, and the template mechanism deduces the size. So, you can do something like

int myArray[10];
cout << arrSize(myArray); // will display 10

So my guess is that this is how the "safe" MS strcpy_s is checking the sizes. Otherwise, if you pass just a pointer, there is NO STANDARD-COMPLIANT way of getting the size.

like image 31
vsoftco Avatar answered Oct 06 '22 20:10

vsoftco