string/strcat.3

   1 .\" Copyright (c) 1990, 1991, 1993
   2 .\"     The Regents of the University of California.  All rights reserved.
   3 .\"
   4 .\" This code is derived from software contributed to Berkeley by
   5 .\" Chris Torek and the American National Standards Committee X3,
   6 .\" on Information Processing Systems.
   7 .\"
   8 .\" Redistribution and use in source and binary forms, with or without
   9 .\" modification, are permitted provided that the following conditions
  10 .\" are met:
  11 .\" 1. Redistributions of source code must retain the above copyright
  12 .\"    notice, this list of conditions and the following disclaimer.
  13 .\" 2. Redistributions in binary form must reproduce the above copyright
  14 .\"    notice, this list of conditions and the following disclaimer in the
  15 .\"    documentation and/or other materials provided with the distribution.
  16 .\" 3. All advertising materials mentioning features or use of this software
  17 .\"    must display the following acknowledgement:
  18 .\"     This product includes software developed by the University of
  19 .\"     California, Berkeley and its contributors.
  20 .\" 4. Neither the name of the University nor the names of its contributors
  21 .\"    may be used to endorse or promote products derived from this software
  22 .\"    without specific prior written permission.
  23 .\"
  24 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  25 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  26 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  27 .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  28 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  29 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  30 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  31 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  32 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  33 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  34 .\" SUCH DAMAGE.
  35 .\"
  36 .\"     @(#)strcat.3    8.1 (Berkeley) 6/4/93
  37 .\" $FreeBSD: src/lib/libc/string/strcat.3,v 1.13 2002/09/06 11:24:06 tjr Exp $
  38 .\"
  39 .Dd June 4, 1993
  40 .Dt STRCAT 3
  41 .Os
  42 .Sh NAME
  43 .Nm strcat ,
  44 .Nm strncat
  45 .Nd concatenate strings
  46 .Sh LIBRARY
  47 .Lb libc
  48 .Sh SYNOPSIS
  49 .In string.h
  50 .Ft char *
  51 .Fo strcat
  52 .Fa "char *restrict s1"
  53 .Fa "const char *restrict s2"
  54 .Fc
  55 .Ft char *
  56 .Fo strncat
  57 .Fa "char *restrict s1"
  58 .Fa "const char *restrict s2"
  59 .Fa "size_t n"
  60 .Fc
  61 .Sh DESCRIPTION
  62 The
  63 .Fn strcat
  64 and
  65 .Fn strncat
  66 functions
  67 append a copy of the null-terminated string
  68 .Fa s2
  69 to the end of the null-terminated string
  70 .Fa s1 ,
  71 then add a terminating
  72 .Ql \e0 .
  73 The string
  74 .Fa s1
  75 must have sufficient space to hold the result.
  76 .Pp
  77 The
  78 .Fn strncat
  79 function
  80 appends not more than
  81 .Fa n
  82 characters from
  83 .Fa s2 ,
  84 and then adds a terminating
  85 .Ql \e0 .
  86 .Sh RETURN VALUES
  87 The
  88 .Fn strcat
  89 and
  90 .Fn strncat
  91 functions
  92 return the pointer
  93 .Fa s1 .
  94 .Sh SECURITY CONSIDERATIONS
  95 The
  96 .Fn strcat
  97 function is easily misused in a manner
  98 which enables malicious users to arbitrarily change
  99 a running program's functionality through a buffer overflow attack.
 100 (See
 101 the FSA.)
 102 .Pp
 103 Avoid using
 104 .Fn strcat .
 105 Instead, use
 106 .Fn strncat
 107 or
 108 .Fn strlcat
 109 and ensure that no more characters are copied to the destination buffer
 110 than it can hold.
 111 .Pp
 112 Note that
 113 .Fn strncat
 114 can also be problematic.
 115 It may be a security concern for a string to be truncated at all.
 116 Since the truncated string will not be as long as the original,
 117 it may refer to a completely different resource
 118 and usage of the truncated resource
 119 could result in very incorrect behavior.
 120 Example:
 121 .Bd -literal
 122 void
 123 foo(const char *arbitrary_string)
 124 {
 125         char onstack[8] = "";
 126
 127 #if defined(BAD)
 128         /*
 129          * This first strcat is bad behavior.  Do not use strcat!
 130          */
 131         (void)strcat(onstack, arbitrary_string);        /* BAD! */
 132 #elif defined(BETTER)
 133         /*
 134          * The following two lines demonstrate better use of
 135          * strncat().
 136          */
 137         (void)strncat(onstack, arbitrary_string,
 138             sizeof(onstack) - strlen(onstack) - 1);
 139 #elif defined(BEST)
 140         /*
 141          * These lines are even more robust due to testing for
 142          * truncation.
 143          */
 144         if (strlen(arbitrary_string) + 1 >
 145             sizeof(onstack) - strlen(onstack))
 146                 err(1, "onstack would be truncated");
 147         (void)strncat(onstack, arbitrary_string,
 148             sizeof(onstack) - strlen(onstack) - 1);
 149 #endif
 150 }
 151 .Ed
 152 .Sh SEE ALSO
 153 .Xr bcopy 3 ,
 154 .Xr memccpy 3 ,
 155 .Xr memcpy 3 ,
 156 .Xr memmove 3 ,
 157 .Xr strcpy 3 ,
 158 .Xr strlcat 3 ,
 159 .Xr strlcpy 3
 160 .Sh STANDARDS
 161 The
 162 .Fn strcat
 163 and
 164 .Fn strncat
 165 functions
 166 conform to
 167 .St -isoC .