The problem with strcmp is that sometimes, if by mistake, arguments that are passed are not valid C-strings (meaning that p1 or p2 is not terminated with a null character i.e. not NULL-terminated String), then, strcmp continues comparing until it reaches non-accessible memory and crashes or sometimes results to an unexpected behaviour.
Using strncmp you can limit the search, so that it doesn't reach non-accessible memory.
But, from that, it should not be concluded that strcmp is insecure to use. Both the functions work well in the way they are intended to work. Programmer should read man page for that function before using it and must be sincere enough while passing parameters to such library functions.
You can also read THIS which contains an almost similar question.
Answer from Surajeet Bharati on Stack OverflowThe problem with strcmp is that sometimes, if by mistake, arguments that are passed are not valid C-strings (meaning that p1 or p2 is not terminated with a null character i.e. not NULL-terminated String), then, strcmp continues comparing until it reaches non-accessible memory and crashes or sometimes results to an unexpected behaviour.
Using strncmp you can limit the search, so that it doesn't reach non-accessible memory.
But, from that, it should not be concluded that strcmp is insecure to use. Both the functions work well in the way they are intended to work. Programmer should read man page for that function before using it and must be sincere enough while passing parameters to such library functions.
You can also read THIS which contains an almost similar question.
strncmp does not have "advantages over strcmp"; rather they solve different problems. strcmp is for determining if two strings are equal (and if not, possibly how to order/sort them with respect to each other). strncmp is (mainly) for determining whether a string begins with a particular prefix. For example:
if (strncmp(str, "--option=", 9)==0)
will determine if str begins with "--option=". This cannot be achieved by strcmp without either modifying the string to be checked (which may not be a valid operation) or making a useless copy of it. It also cannot be achieved with memcmp unless you already know str points to an object at least 9 bytes in length; otherwise the call to memcmp would have undefined behavior.
There are other usage cases for strncmp too, such as working with non-C-string data.
Is strcmp in embedded C safe? If not, what are the usual substitutes?
Fast String comparisons in C
This is a super noob question, but strcmp returns 0 if the strings are equal and "truthy" if they are not equal, like if(-1) is true? Is there a different way to compare strings or do I just need to wrap my head around this?
Confused with strcmp() function.
Videos
I have an STM32756-EVAL board, and I would like to compare a uint8_t array to a char array.
uint8_t* inputCmd[5];
code_that_defines_the_inputCmd();
if (strcmp(inputCmd, "FIRMV") == 0){
do_something();
}
else{
do_something_else();
}Is strcmp in embedded C safe? If not, what are the usual substitutes?
Hi, I'm working just for fun on a fast comparison for strings written in C, with the intent of being faster than the normal strncmp function, which is currently the code bellow
```
int fast_strncmp(const char *str1, const char *str2, int len) {
const char *final_pos = (str1 + len) - 4;
while (str1 < final_pos) {
// if characters differ, or end of the second string is reached
if (*((uint32_t *)str1) != *((uint32_t *)str2)) {
break;
}
// move to the block of characters
str1 += 4;
str2 += 4;
}
final_pos += 4;
while (str1 < final_pos) {
if (*str1 != *str2 || *str1 == 0 || *str2 == 0) {
return *str1 - *str2;
}
// move to the next pair of characters
str1++;
str2++;
}
return 0;
}
```Is there any clear problem with the code that could make it a bad option for fast string comparisons. When I wrote it a couple of weeks ago, I didn't think there could be any problem with it, but this week I was watching a couple of videos about C programming and it was mentioned that casting an array of 4 uint8_t to a uint32_t could be a problem. I'm even using this function at work and haven't had a single problem or warning, but since I'm planning to make a youtube video about it, I want to guarantee that my code won't be a problem for other people.
On top of that I've made a couple of benchmarks on the performance to be sure it really is fast, so I've compared it to strncmp and an implementation by https://github.com/mgronhol, that I found here: https://mgronhol.github.io/fast-strcmp/, which got me the following results:
EDIT: reddit was not cooperating with me posting the results text in a well formatted way, so here's the link to the file:
https://github.com/BenjamimKrug/fast_string_comparison/blob/main/results.txt
As you can see, running on the STM32 and the ESP32, my algorithm runs faster by a little compared to the fast_compare function by mgronhol, but running on my PC, it's performing terribly. Does anyone know why that is?
You can find more info about the code in my github repository where I put everything related to this test: https://github.com/BenjamimKrug/fast_string_comparison
P.S.: Sorry if this is the wrong subreddit for this kind of thing, I was going to post it on r/programming, but after reading the rules, I saw that maybe it was best to post it here.
EDIT: fixed code formatting