]> git.saurik.com Git - apple/libc.git/blame - string/strcat.3
Libc-498.tar.gz
[apple/libc.git] / string / strcat.3
CommitLineData
224c7076
A
1.\" Copyright (c) 1990, 1991, 1993
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" This code is derived from software contributed to Berkeley by
5.\" Chris Torek and the American National Standards Committee X3,
6.\" on Information Processing Systems.
7.\"
8.\" Redistribution and use in source and binary forms, with or without
9.\" modification, are permitted provided that the following conditions
10.\" are met:
11.\" 1. Redistributions of source code must retain the above copyright
12.\" notice, this list of conditions and the following disclaimer.
13.\" 2. Redistributions in binary form must reproduce the above copyright
14.\" notice, this list of conditions and the following disclaimer in the
15.\" documentation and/or other materials provided with the distribution.
16.\" 3. All advertising materials mentioning features or use of this software
17.\" must display the following acknowledgement:
18.\" This product includes software developed by the University of
19.\" California, Berkeley and its contributors.
20.\" 4. Neither the name of the University nor the names of its contributors
21.\" may be used to endorse or promote products derived from this software
22.\" without specific prior written permission.
23.\"
24.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34.\" SUCH DAMAGE.
35.\"
36.\" @(#)strcat.3 8.1 (Berkeley) 6/4/93
37.\" $FreeBSD: src/lib/libc/string/strcat.3,v 1.13 2002/09/06 11:24:06 tjr Exp $
38.\"
39.Dd June 4, 1993
40.Dt STRCAT 3
41.Os
42.Sh NAME
43.Nm strcat ,
44.Nm strncat
45.Nd concatenate strings
46.Sh LIBRARY
47.Lb libc
48.Sh SYNOPSIS
49.In string.h
50.Ft char *
51.Fo strcat
52.Fa "char *restrict s1"
53.Fa "const char *restrict s2"
54.Fc
55.Ft char *
56.Fo strncat
57.Fa "char *restrict s1"
58.Fa "const char *restrict s2"
59.Fa "size_t n"
60.Fc
61.Sh DESCRIPTION
62The
63.Fn strcat
64and
65.Fn strncat
66functions
67append a copy of the null-terminated string
68.Fa s2
69to the end of the null-terminated string
70.Fa s1 ,
71then add a terminating
72.Ql \e0 .
73The string
74.Fa s1
75must have sufficient space to hold the result.
76.Pp
77The
78.Fn strncat
79function
80appends not more than
81.Fa n
82characters from
83.Fa s2 ,
84and then adds a terminating
85.Ql \e0 .
86.Sh RETURN VALUES
87The
88.Fn strcat
89and
90.Fn strncat
91functions
92return the pointer
93.Fa s1 .
94.Sh SECURITY CONSIDERATIONS
95The
96.Fn strcat
97function is easily misused in a manner
98which enables malicious users to arbitrarily change
99a running program's functionality through a buffer overflow attack.
100(See
101the FSA.)
102.Pp
103Avoid using
104.Fn strcat .
105Instead, use
106.Fn strncat
107or
108.Fn strlcat
109and ensure that no more characters are copied to the destination buffer
110than it can hold.
111.Pp
112Note that
113.Fn strncat
114can also be problematic.
115It may be a security concern for a string to be truncated at all.
116Since the truncated string will not be as long as the original,
117it may refer to a completely different resource
118and usage of the truncated resource
119could result in very incorrect behavior.
120Example:
121.Bd -literal
122void
123foo(const char *arbitrary_string)
124{
125 char onstack[8] = "";
126
127#if defined(BAD)
128 /*
129 * This first strcat is bad behavior. Do not use strcat!
130 */
131 (void)strcat(onstack, arbitrary_string); /* BAD! */
132#elif defined(BETTER)
133 /*
134 * The following two lines demonstrate better use of
135 * strncat().
136 */
137 (void)strncat(onstack, arbitrary_string,
138 sizeof(onstack) - strlen(onstack) - 1);
139#elif defined(BEST)
140 /*
141 * These lines are even more robust due to testing for
142 * truncation.
143 */
144 if (strlen(arbitrary_string) + 1 >
145 sizeof(onstack) - strlen(onstack))
146 err(1, "onstack would be truncated");
147 (void)strncat(onstack, arbitrary_string,
148 sizeof(onstack) - strlen(onstack) - 1);
149#endif
150}
151.Ed
152.Sh SEE ALSO
153.Xr bcopy 3 ,
154.Xr memccpy 3 ,
155.Xr memcpy 3 ,
156.Xr memmove 3 ,
157.Xr strcpy 3 ,
158.Xr strlcat 3 ,
159.Xr strlcpy 3
160.Sh STANDARDS
161The
162.Fn strcat
163and
164.Fn strncat
165functions
166conform to
167.St -isoC .