The following message is a courtesy copy of an article that has been posted to bit.listserv.ibm-main as well.
[EMAIL PROTECTED] (John McKown) writes: > If I am copying literal text into a char array, which do you think is > better: > > strcpy(dest,"LITERAL"); > > OR > > memcpy(dest,"LITERAL",8); > > ?? I lean towards memcpy because the C run-time reference says that it is > a builtin function and done in-line. Which I would guess would mean better > performance. Why don't I just look at the generated code? Because I don't > have a C compiler for z/OS. I'm writing my code on Linux using GCC. strcpy has been severely depreciated ... related to significant occurance of buffer overflow vulnerabiities in applications implemented with C programming language. one reference Secure programmer: Countering buffer overflows http://www.ibm.com/developerworks/linux/library/l-sp4.html lots of past posts mentioning buffer overflow vulnerabilities (including that they used to be the vast majority of all exploits) http://www.garlic.com/~lynn/subintegrity.html#overflow -- 40+yrs virtualization experience (since Jan68), online at home since Mar70 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
