CMPSC 311 – Strings in C

Vocabulary flashcards covering ASCII, storage of strings, common C string functions, safe 'n' variants, and related security concerns.

ASCII (American Standard Code for Information Interchange)

A 7-bit character encoding standard in which each character (e.g., ‘A’ = 65) is represented by an integer value.

Null-terminated string

A sequence of characters in C stored as an array that ends with the byte ‘\0’ (value 0) to mark the end.

String literal

Text enclosed in double quotes (e.g., "hello\n") stored in a read-only memory section.

char *x vs. char x[]

A pointer points directly to the read-only literal, while an array contains a compiler-generated copy that can be modified.

sizeof(string)

Operator that returns the size (in bytes) of the declared object, not the length of the text; for pointers it returns pointer size.

strlen(string)

Library function that counts characters up to but not including the null terminator; returns string length.

Unterminated string

A character array lacking a final ‘\0’; causes undefined behavior when treated as a C string.

Buffer overflow

Writing past the end of an array (e.g., copying a longer string into a smaller buffer) which can corrupt memory or crash the program.

strcpy(dest, src)

Copies src (including null) into dest without bounds checking; dangerous if dest is too small.

strncpy(dest, src, n)

Copies at most n bytes; safer but may leave dest unterminated if no null appears within n bytes.

strcat(dest, src)

Appends src to the end of dest (after its null); assumes dest has enough space.

strncat(dest, src, n)

Appends at most n bytes of src to dest and adds a null terminator.

strcmp(s1, s2)

Lexicographically compares two strings; returns

strncmp(s1, s2, n)

Compares at most n bytes of two strings.

strchr(str, c)

Returns pointer to first occurrence of character c in str or NULL if not found.

strrchr(str, c)

Returns pointer to last occurrence of character c in str or NULL.

strstr(haystack, needle)

Finds the first occurrence of substring needle in haystack; case sensitive.

strcasestr(haystack, needle)

Case-insensitive version of strstr; non-standard but common.

sscanf(str, "format", …)

Parses formatted data from a string into provided variables; returns count of successfully read items.

n-variant functions

Safer versions of C string routines (e.g., strncpy, strncat, strncmp) that take a length argument to limit copying/comparing.

Secure C coding guideline

Best practices and APIs aimed at reducing common errors like buffer overflows when handling strings.

Rust

A memory-safe systems programming language recommended as an alternative to error-prone C for secure code.