Strcat

In computing, the C programming language offers a library function called strcat that allows one memory block to be appended to another memory block. Both memory blocks are required to be null-terminated. Since, in C, strings are not first-class datatypes, and are implemented as blocks of ASCII bytes in memory, strcat will effectively append one string to another given two pointers to blocks of allocated memory.

For example

char *str1 = malloc(sizeof(char)*LARGE_NUMBER_1);
char *str2 = malloc(sizeof(char)*(LARGE_NUMBER_1+LARGE_NUMBER_2-1));

fgets(str1, LARGE_NUMBER_1, stdin);
fgets(str2, LARGE_NUMBER_2, stdin);
strcat(str2, str1); /* the argument order makes it like an assignment - str2 "+=" str1 */

Here is one possible implementation of strcat:

 char *
 strcat(char *dest, const char *src)
 {
   char c;
   const char *p;
   char *q;
                                                                               
   for (q = dest; *q != '\0'; q++)
      ;
                                                                               
   for(p = src; *p != '\0'; p++, q++)
      *q = *p;
                                                                               
   *q = '\0';
                                                                               
   return dest;
 }

strcat can be dangerous because if the string to be appended is too long to fit in the destination buffer, it will overwrite adjacent memory, causing unpredictable behavior. Usually the program will simply cause a segmentation fault when this occurs, but a skilled attacker can use such a buffer overflow to crack into a system (see computer security).

The bounded variant strncat does the same thing as strcat but as it only appends a specified number of bytes, it is susceptible to buffer overflow only if the number of bytes specified is too large to fit in the destination string. OpenBSD strlcat is regarded as a safer version of these variants.