Welcome to Software Development on Codidact!

Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.

Post History

89%

+15 −0

Q&A Is strcpy dangerous and what should be used instead?

I heard rumours that the strcpy function is dangerous and shouldn't be used. Supposedly it can be exploited to create buffer overflows somehow. And indeed when I compile my C code in the admittedl...

2 answers · posted 3y ago by Lundin‭ · last activity 8mo ago by Lundin‭

Question c strcpy strncpy buffer-overflow

#1: Initial revision by

Lundin‭ · 2021-04-27T13:17:25Z (over 3 years ago)

Copy Link

Raw

Markdown

Is strcpy dangerous and what should be used instead?

I heard rumours that the `strcpy` function is dangerous and shouldn't be used. Supposedly it can be exploited to create buffer overflows somehow. 

And indeed when I compile my C code in the admittedly non-conforming Visual Studio C compiler, it warns me about using `strcpy` among other functions, labelling it dangerous. Is it true?

If so, what should we use instead? Some rumours say that `strncpy` should be used instead, others like Microsoft tell me to use `strcpy_s`.

c strcpy strncpy buffer-overflow

Communities

Post History