"A string is not a built-in data type in C; instead it
is termed as a contiguous sequence of characters terminated by a
NULL character (‘\0’). Now, many of the
“standard” string manipulation functions written in
the early part of C development took this definition to heart, assumed
that a programmer always knows what he is doing (though I agree
that this MUST be true), and put out code meant to be used in an
everyone-is-good world. Subsequently, the shortcomings were
noticed, stronger sibling functions were created but the older ones
are still supported because they are “standard”. This
means that naive programmers continue to use them and put their
programs’ security into jeopardy. This series will do an
in-depth analysis of such unsafe functions, tell you why they are
unsafe, and bring out what alternatives you have in-built and what
alternatives you can create."