Restricted vs Unrestricted String Function in C

Strings in C are represented as arrays of characters terminated by a null character (‘\0’). Since C doesn’t have a built-in string data type, we rely on functions from the C Standard Library (<string.h>) to manipulate strings.

These functions can be broadly categorized into:

  • Restricted String Functions
  • Unrestricted String Functions

Let’s understand what these terms mean and how they impact program safety and behavior.

What are Restricted String Functions?

Restricted string functions are functions that limit the number of characters they operate on. This restriction helps prevent buffer overflows, which is one of the most common vulnerabilities in C programs.

Characteristics of Restricted String Functions:

  • They accept a parameter that defines the maximum number of characters to read or write.
  • They help prevent out-of-bounds access.
  • Safer for use with user input or dynamic strings.

Common Restricted String Functions:

Function Description
strncpy() Copies up to n characters from source to destination.
strncat() Appends up to n characters from source to destination.
strncmp() Compares up to n characters of two strings.

Example:

advertisement
#include <stdio.h>
#include <string.h>
 
int main()
{
    char output[15];
    char input[] = "LearnCNow";
 
    strncpy(output, input, sizeof(output) - 1);
    output[14] = '\0';  // Ensure null termination
 
    printf("Restricted Copy: %s\n", output);
    return 0;
}

Output:

Restricted Copy: LearnCNow

This program copies a string using strncpy() safely. It copies up to 14 characters from “LearnCNow” into the output array, which has space for 15. Then, it adds a null character at the end to close the string. The result is printed using printf().

Free 30-Day Python Certification Bootcamp is Live. Join Now!

What are Unrestricted String Functions?

Unrestricted string functions do not take a length parameter. They rely entirely on the presence of the null terminator (‘\0’) to know when to stop. If the null terminator is missing or the buffer is too small, it can result in buffer overflows, memory corruption, or security vulnerabilities.

Characteristics of Unrestricted String Functions:

  • Operate until a null character is found.
  • Assumes destination buffer is large enough.
  • Dangerous if not used carefully.

Common Unrestricted String Functions:

Function Description
strcpy() Copies the entire string from source to destination.
strcat() Appends the entire string from source to destination.
strcmp() Compares two strings entirely until null terminator.

Example:

#include <stdio.h>
#include <string.h>
 
int main() {
    char dataBin[6];
    char inputText[] = "Logic";
 
    strcpy(dataBin, inputText);  // Unsafe if inputText is too long
    printf("Unrestricted Copy: %s\n", dataBin);
    return 0;
}

Output:

Unrestricted Copy: Logic

This program shows how strcpy() works to copy a string. It copies the word “Logic” into the dataBin array. Since dataBin has enough space (6 bytes), it works fine here. However, using strcpy() can be unsafe if the source string is longer than the destination, which may cause memory errors.

advertisement

Restricted vs Unrestricted Functions in C

Feature Restricted Functions Unrestricted (Safer) Functions
Null-terminated required Yes Yes
Built-in bounds checking No Yes (you set limit)
Risk of buffer overflow High Lower
Safer for input handling No Yes

Best Practices

  • Use Safer Functions: Prefer functions like strncpy, strncat, and snprintf to help avoid buffer overflows.
  • Check for Null-Termination: After using restricted functions, make sure to add a null character if it’s not added automatically.
  • Check Buffer Sizes: Always make sure the destination buffer is large enough to hold all the data you want to store.
  • Don’t Use Unsafe Functions: Avoid using functions like gets, as they are unsafe and removed from the C standard library.
  • Choose Better Alternatives: Use safer built-in functions or your own well-tested ones to handle special cases safely.

Sanfoundry Global Education & Learning Series – 1000 C Tutorials.

If you wish to look at all C Tutorials, go to C Tutorials.

advertisement
advertisement
Subscribe to our Newsletters (Subject-wise). Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

Youtube | Telegram | LinkedIn | Instagram | Facebook | Twitter | Pinterest
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Alogrithms. Stay connected with him at LinkedIn.

Subscribe to his free Masterclasses at Youtube & discussions at Telegram SanfoundryClasses.