:man| Alphabetical   Categories   About us 
 
STRCAT (3) | C library functions | Unix Manual Pages | :man

NAME

strcat - concatenate strings

CONTENTS

Library
Synopsis
Description
Return Values
Security Considerations
See Also
Standards

LIBRARY


.Lb libc

SYNOPSIS


.In string.h char * strcat "char * restrict s" "const char * restrict append" char * strncat "char * restrict s" "const char * restrict append" "size_t count"

DESCRIPTION

The strcat and strncat functions append a copy of the null-terminated string append to the end of the null-terminated string s, then add a terminating ‘\0’. The string s must have sufficient space to hold the result.

The strncat function appends not more than count characters from append, and then adds a terminating ‘\0’.

RETURN VALUES

The strcat and strncat functions return the pointer s.

SECURITY CONSIDERATIONS

The strcat function is easily misused in a manner which enables malicious users to arbitrarily change a running program’s functionality through a buffer overflow attack. (See the FSA.)

Avoid using strcat. Instead, use strncat or strlcat and ensure that no more characters are copied to the destination buffer than it can hold.

Note that strncat can also be problematic. It may be a security concern for a string to be truncated at all. Since the truncated string will not be as long as the original, it may refer to a completely different resource and usage of the truncated resource could result in very incorrect behavior. Example:
void
foo(const char *arbitrary_string)
{
char onstack[8];


#if defined(BAD)
/*
* This first strcat is bad behavior. Do not use strcat!
*/
(void)strcat(onstack, arbitrary_string); /* BAD! */
#elif defined(BETTER)
/*
* The following two lines demonstrate better use of
* strncat().
*/
(void)strncat(onstack, arbitrary_string,
sizeof(onstack) - strlen(onstack) - 1);
#elif defined(BEST)
/*
* These lines are even more robust due to testing for
* truncation.
*/
if (strlen(arbitrary_string) + 1 >
sizeof(onstack) - strlen(onstack))
err(1, "onstack would be truncated");
(void)strncat(onstack, arbitrary_string,
sizeof(onstack) - strlen(onstack) - 1);
#endif
}

SEE ALSO

bcopy(3), memccpy(3), memcpy(3), memmove(3), strcpy(3), strlcat(3), strlcpy(3)
.Rs "The FreeBSD Security Architecture"
.Re (See "/usr/share/doc/{to be decided}".)

STANDARDS


Share this page

     Follow us

Facebook Twitter Google+ LinkedIn


 
Created by Blin Media, 2008-2013