How does strcpy_s work?

2020-07-05 07:04发布

问题:

As we all know, strcpy_s is a safety version of strcpy.

But I wonder how it works ...

let's see some examples.

strpy_s's declaration:
errno_t strcpy_s(_CHAR *_DEST, size_t _SIZE, const _CHAR *_SRC)

eg1

char dest[5];
char* src = "abcdefg";
strcpy_s(dest,5,src);

It will return an assertion.
I think I can understand this, use _SIZE to make sure we can't copy more characters than _SIZE

But.. I can't understand this:

char dest[5];
char* src = "abcdefg";
strcpy_s(dest,10,src);

we can still get a assertion, how did that happened?

ps,error was:

Debug Assertion Failed
expression : (L"Buffer is too small "&&0)


In VS2013

will strcpy_s checks the size of dest inside its body?? and if it's true , how? how to check a pointer like _DEST?

回答1:

This is actually how to get the size of a stack array at run time without decaying it to a pointer:

template<typename T, size_t N> 
size_t arrSize(T (&array)[N])  
{
  return N;
}

You send it as a template reference, and the template mechanism deduces the size. So, you can do something like

int myArray[10];
cout << arrSize(myArray); // will display 10

So my guess is that this is how the "safe" MS strcpy_s is checking the sizes. Otherwise, if you pass just a pointer, there is NO STANDARD-COMPLIANT way of getting the size.



回答2:

MSDN Says "The strcpy_s function copies the contents in the address of strSource, including the terminating null character, to the location that's specified by strDestination. The destination string must be large enough to hold the source string and its terminating null character. The behavior of strcpy_s is undefined if the source and destination strings overlap."



回答3:

In DEBUG mode, MicroSoft APIs fill the buffer with 0xfd, so they can check for an overflow.

This function doesn't truncate the copied string, but raises an exception!

It's always a pain to specify the size of the dest buffer (use _countof rather than sizeof), mostly when you use a pointer!

I have more problems with those "_s" APIs than with the standards ones!!



回答4:

dest cannot hold more than 5 chars, that's why you get the error. It is not because of _SIZE. If dest was char* then you need to make sure you allocate enough memory for it, you won't get any compile error. But in your program dest has a fixed size, and strcpy_s, unlike strcpy, checks the size of the destination buffer (if it can, and in this case it can as its size is defined at compile time). Read this

http://www.cplusplus.com/forum/beginner/118771/

Basically strcpy_s is the "safe" version of strcpy, it doesn't allow you to overflow. From the standard: C (2011) and ISO/IEC WDTR 24731 - strcpy_s: a variant of strcpy that checks the destination buffer size before copying. Internally, probably strcpy_s asserts sizeof(dest)<SIZE.



标签: c string strcpy