string/strcat.3

   1 .\" Copyright (c) 1990, 1991, 1993
   2 .\"     The Regents of the University of California.  All rights reserved.
   3 .\"
   4 .\" This code is derived from software contributed to Berkeley by
   5 .\" Chris Torek and the American National Standards Committee X3,
   6 .\" on Information Processing Systems.
   7 .\"
   8 .\" Redistribution and use in source and binary forms, with or without
   9 .\" modification, are permitted provided that the following conditions
  10 .\" are met:
  11 .\" 1. Redistributions of source code must retain the above copyright
  12 .\"    notice, this list of conditions and the following disclaimer.
  13 .\" 2. Redistributions in binary form must reproduce the above copyright
  14 .\"    notice, this list of conditions and the following disclaimer in the
  15 .\"    documentation and/or other materials provided with the distribution.
  16 .\" 3. All advertising materials mentioning features or use of this software
  17 .\"    must display the following acknowledgement:
  18 .\"     This product includes software developed by the University of
  19 .\"     California, Berkeley and its contributors.
  20 .\" 4. Neither the name of the University nor the names of its contributors
  21 .\"    may be used to endorse or promote products derived from this software
  22 .\"    without specific prior written permission.
  23 .\"
  24 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  25 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  26 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  27 .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  28 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  29 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  30 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  31 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  32 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  33 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  34 .\" SUCH DAMAGE.
  35 .\"
  36 .\"     @(#)strcat.3    8.1 (Berkeley) 6/4/93
  37 .\" $FreeBSD: src/lib/libc/string/strcat.3,v 1.13 2002/09/06 11:24:06 tjr Exp $
  38 .\"
  39 .Dd June 4, 1993
  40 .Dt STRCAT 3
  41 .Os
  42 .Sh NAME
  43 .Nm strcat ,
  44 .Nm strncat
  45 .Nd concatenate strings
  46 .Sh LIBRARY
  47 .Lb libc
  48 .Sh SYNOPSIS
  49 .In string.h
  50 .Ft char *
  51 .Fo strcat
  52 .Fa "char *restrict s1"
  53 .Fa "const char *restrict s2"
  54 .Fc
  55 .Ft char *
  56 .Fo strncat
  57 .Fa "char *restrict s1"
  58 .Fa "const char *restrict s2"
  59 .Fa "size_t n"
  60 .Fc
  61 .Sh DESCRIPTION
  62 The
  63 .Fn strcat
  64 and
  65 .Fn strncat
  66 functions
  67 append a copy of the null-terminated string
  68 .Fa s2
  69 to the end of the null-terminated string
  70 .Fa s1 ,
  71 then add a terminating
  72 .Ql \e0 .
  73 The string
  74 .Fa s1
  75 must have sufficient space to hold the result.
  76 .Pp
  77 The
  78 .Fn strncat
  79 function
  80 appends not more than
  81 .Fa n
  82 characters from
  83 .Fa s2 ,
  84 and then adds a terminating
  85 .Ql \e0 .
  86 .Pp
  87 The source and destination strings should not overlap, as the
  88 behavior is undefined.
  89 .Sh RETURN VALUES
  90 The
  91 .Fn strcat
  92 and
  93 .Fn strncat
  94 functions
  95 return the pointer
  96 .Fa s1 .
  97 .Sh SECURITY CONSIDERATIONS
  98 The
  99 .Fn strcat
 100 function is easily misused in a manner
 101 which enables malicious users to arbitrarily change
 102 a running program's functionality through a buffer overflow attack.
 103 (See
 104 the FSA.)
 105 .Pp
 106 Avoid using
 107 .Fn strcat .
 108 Instead, use
 109 .Fn strncat
 110 or
 111 .Fn strlcat
 112 and ensure that no more characters are copied to the destination buffer
 113 than it can hold.
 114 .Pp
 115 Note that
 116 .Fn strncat
 117 can also be problematic.
 118 It may be a security concern for a string to be truncated at all.
 119 Since the truncated string will not be as long as the original,
 120 it may refer to a completely different resource
 121 and usage of the truncated resource
 122 could result in very incorrect behavior.
 123 Example:
 124 .Bd -literal
 125 void
 126 foo(const char *arbitrary_string)
 127 {
 128         char onstack[8] = "";
 129
 130 #if defined(BAD)
 131         /*
 132          * This first strcat is bad behavior.  Do not use strcat!
 133          */
 134         (void)strcat(onstack, arbitrary_string);        /* BAD! */
 135 #elif defined(BETTER)
 136         /*
 137          * The following two lines demonstrate better use of
 138          * strncat().
 139          */
 140         (void)strncat(onstack, arbitrary_string,
 141             sizeof(onstack) - strlen(onstack) - 1);
 142 #elif defined(BEST)
 143         /*
 144          * These lines are even more robust due to testing for
 145          * truncation.
 146          */
 147         if (strlen(arbitrary_string) + 1 >
 148             sizeof(onstack) - strlen(onstack))
 149                 err(1, "onstack would be truncated");
 150         (void)strncat(onstack, arbitrary_string,
 151             sizeof(onstack) - strlen(onstack) - 1);
 152 #endif
 153 }
 154 .Ed
 155 .Sh SEE ALSO
 156 .Xr bcopy 3 ,
 157 .Xr memccpy 3 ,
 158 .Xr memcpy 3 ,
 159 .Xr memmove 3 ,
 160 .Xr strcpy 3 ,
 161 .Xr strlcat 3 ,
 162 .Xr strlcpy 3
 163 .Sh STANDARDS
 164 The
 165 .Fn strcat
 166 and
 167 .Fn strncat
 168 functions
 169 conform to
 170 .St -isoC .