1 .\" Copyright 1993 David Metcalfe (david@prism.demon.co.uk)
3 .\" SPDX-License-Identifier: Linux-man-pages-copyleft
5 .\" References consulted:
6 .\" Linux libc source code
7 .\" Lewine's _POSIX Programmer's Guide_ (O'Reilly & Associates, 1991)
9 .\" Modified Sat Jul 24 18:11:47 1993 by Rik Faith (faith@cs.unc.edu)
10 .\" 2007-06-15, Marc Boyer <marc.boyer@enseeiht.fr> + mtk
11 .\" Improve discussion of strncat().
12 .TH strcat 3 (date) "Linux man-pages (unreleased)"
14 strcat, strncat \- concatenate two strings
17 .RI ( libc ", " \-lc )
20 .B #include <string.h>
22 .BI "char *strcat(char *restrict " dest ", const char *restrict " src );
23 .BI "char *strncat(char *restrict " dest ", const char *restrict " src \
34 overwriting the terminating null byte (\(aq\e0\(aq) at the end of
36 and then adds a terminating null byte.
37 The strings may not overlap, and the
40 enough space for the result.
43 is not large enough, program behavior is unpredictable;
44 .IR "buffer overruns are a favorite avenue for attacking secure programs" .
48 function is similar, except that
57 does not need to be null-terminated if it contains
63 the resulting string in
65 is always null-terminated.
80 plus the terminating null byte).
81 Therefore, the size of
84 .IR "strlen(dest)+n+1" .
86 A simple implementation of
93 strncat(char *dest, const char *src, size_t n)
95 size_t dest_len = strlen(dest);
98 for (i = 0 ; i < n && src[i] != \(aq\e0\(aq ; i++)
99 dest[dest_len + i] = src[i];
100 dest[dest_len + i] = \(aq\e0\(aq;
111 functions return a pointer to the resulting string
114 For an explanation of the terms used in this section, see
122 Interface Attribute Value
126 T} Thread safety MT-Safe
132 POSIX.1-2001, POSIX.1-2008, C89, C99, SVr4, 4.3BSD.
134 Some systems (the BSDs, Solaris, and others) provide the following function:
138 size_t strlcat(char *dest, const char *src, size_t size);
142 This function appends the null-terminated string
147 .I size\-strlen(dest)\-1
150 and adds a terminating null byte to the result,
155 This function fixes the buffer overrun problem of
157 but the caller must still handle the possibility of data loss if
160 The function returns the length of the string
162 tried to create; if the return value is greater than or equal to
165 If data loss matters, the caller
167 either check the arguments before the call, or test the function return value.
169 is not present in glibc and is not standardized by POSIX,
170 .\" https://lwn.net/Articles/506530/
171 but is available on Linux via the
180 must find the null byte that terminates the string
182 using a search that starts at the beginning of the string,
183 the execution time of these functions
184 scales according to the length of the string
186 This can be demonstrated by running the program below.
187 (If the goal is to concatenate many strings to one target,
188 then manually copying the bytes from each source string
189 while maintaining a pointer to the end of the target string
190 will provide better performance.)
194 .\" SRC BEGIN (strcat.c)
205 char p[LIM + 1]; /* +1 for terminating null byte */
211 for (unsigned int j = 0; j < LIM; j++) {
212 if ((j % 10000) == 0)
213 printf("%u %jd\en", j, (intmax_t) (time(NULL) \- base));