~對(duì)初學(xué)者屬于深入理解吧,高手請(qǐng)勿在此浪費(fèi)寶貴時(shí)間~
看到這樣一個(gè)改錯(cuò)題:
char p[5];
char* s="12345";
strcpy(p,s);
cout << p << endl;
錯(cuò)誤之處是很顯然的,作為字符串字面值的"12345"會(huì)在結(jié)尾處自動(dòng)加上空字符null,從而長(zhǎng)度是6,上面的strcpy是會(huì)越界的,從而是個(gè)越界錯(cuò)誤。
問(wèn)題是我以為這樣的程序編譯的時(shí)候會(huì)出錯(cuò)呢!但是我在vc上運(yùn)行時(shí)是可以輸出正確結(jié)果的,這讓我很是納悶!后來(lái)找到了strcpy的源代碼才知原因,strcpy函數(shù)是不進(jìn)行越界處理的. 又因?yàn)閟trcpy連null一起復(fù)制,從而p能輸出正確的結(jié)果"12345"
/**//*The strcpy function copies strSource, including the terminating null character, to the location specified by strDestination. No overflow checking is performed when strings are copied or appended. The behavior of strcpy is undefined if the source and destination strings overlap.*/
char * __cdecl strcpy(char * dst, const char * src)
{
char * cp = dst;
while( *cp++ = *src++ )
; /**//* Copy src over dst */
return( dst );
}
貌似strcpy雖然不進(jìn)行越界處理,仍然是個(gè)挺好的函數(shù)呢,但是注意了,下面的代碼就能暴露出strcpy 的缺點(diǎn)了.
char p[5];
char *s = "12345678";
strcpy(p,s);
cout << p <<endl; //輸出12345678,而不是我們所設(shè)想的12345
為了不因不知s的長(zhǎng)度而犯下錯(cuò)誤,推薦使用strncpy。但是是不是用了strncpy就萬(wàn)無(wú)一失了呢?看下面的代碼:
char p[5];
char* s = "12345";
strncpy(p,s,5);
cout << p <<endl; //12345*&^(后面表示亂碼)
不是都限制個(gè)數(shù)了么?為什么后面又有亂碼?
問(wèn)題來(lái)自在上述情形strncpy是不會(huì)復(fù)制字符串s后面的null的,不是以null結(jié)束的p不會(huì)輸出正確結(jié)果的。
仍然給出strncpy的源代碼:
/**//*The strncpy function copies the initial count characters of strSource to strDest and returns strDest. If count is less than or equal to the length of strSource, a null character is not appended automatically to the copied string. If count is greater than the length of strSource, the destination string is padded with null characters up to length count. The behavior of strncpy is undefined if the source and destination strings overlap.*/
char * __cdecl strncpy ( char * dest, const char * source, size_t count )
{
char *start = dest;
while (count && (*dest++ = *source++)) /**//* copy string */
count--;
if (count) /**//* pad out with zeroes */
while (--count)
*dest++ = '\0';
return(start);
}
那strncpy這么不穩(wěn)定,為何用它?strncpy經(jīng)常用于修改一個(gè)長(zhǎng)字符串中間的一部分(看出不復(fù)制null的原因了吧!),如果實(shí)在要用到上述的代碼上,就在代碼最后加上p[5] = '\0'; 吧!