*** UNIX MANUAL PAGE BROWSER ***

STRCPY(3) FreeBSD Library Functions Manual STRCPY(3) NAME stpcpy, strcpy - copy strings LIBRARY Standard C Library (libc, -lc) SYNOPSIS #include <string.h> char * stpcpy(char * restrict dst, const char * restrict src); char * strcpy(char * restrict dst, const char * restrict src); DESCRIPTION The stpcpy() and strcpy() functions copy the string src to dst, including the terminating NUL byte. The strings src and dst may not overlap. The string src must be terminated by a NUL byte. The memory for dst must have space for strlen(src) + 1 bytes. RETURN VALUES The strcpy() function returns dst. The stpcpy() function returns a pointer to the terminating NUL byte of dst. SEE ALSO bcopy(3), memccpy(3), memcpy(3), memmove(3), strlcpy(3), strncpy(3), wcscpy(3) STANDARDS The strcpy() function conforms to ISO/IEC 9899:1999 ("ISO C99"). The stpcpy() function conforms to IEEE Std 1003.1-2008 ("POSIX.1"). HISTORY The stpcpy() function first appeared in NetBSD 6.0. SECURITY CONSIDERATIONS The strcpy() and stpcpy() functions copy until a NUL terminator without any bounds checks on the size of the input or output buffers. If the input buffer is missing a NUL terminator, or the input string is longer than the output buffer, this can lead to crashes or security vulnerabilities from buffer overruns, including disclosure of secrets in memory and arbitrary code execution. The strlcpy(3) function is a safer replacement for strcpy() which allows the caller to specify the space allocated for dst. strlcpy(3), or snprintf(3) with a format string of "%s", should be used instead of strcpy() and stpcpy() wherever possible to avoid buffer overruns in dst. (However, they still require src to be NUL-terminated.) FreeBSD 14.1-RELEASE-p8 August 11, 2023 FreeBSD 14.1-RELEASE-p8