The default string processing functions are not secure.
C11 standard includes optional versions of the string processing functions that are more secure.
All the optional C11 functions have names that end with _s.
To determine whether the standard library supports the optional functions, use the following code:
#include <stdio.h> int main(void) { #if defined __STDC_LIB_EXT1__ printf("Optional functions are defined.\n"); #else printf("Optional functions are not defined.\n"); #endif return 0; }
A compiler that implements the optional functions according to the C11 standard will define the symbol __STDC_LIB_EXT1__.
This code uses preprocessor directives to insert one of two printf() statements, depending on whether the symbol __STDC_LIB_EXT1__ is defined.
To use the optional functions in string.h, define __STDC_WANT_LIB_EXT1__ symbol in your source file to represent the value 1, prior to the include directive for string.h:
#define __STDC_WANT_LIB_EXT1__ 1 // Make optional versions of functions available #include <string.h> // Header for string functions
If you don't define this symbol as 1, only the standard set of string processing functions will be available.