5.1.20 · D5 · HinglishC Programming
Question bank — String handling — char arrays, null terminator, strcpy, strcat, strlen, sprintf (dangers)
5.1.20 · D5· Coding › C Programming › String handling — char arrays, null terminator, strcpy, strc
Questions se pehle, chaar choti pictures tumhe woh mental model deti hain jis par har answer tika hai: ek string memory mein kaise rehti hai, "scanning" ki cost kya hai, baar baar append karna kyon explode karta hai, aur strncpy padding asal mein kaisi dikhti hai.
Har trap ke peeche chaar pictures




True ya false — justify karo
Ek C string ek alag data type hai jaise int ya float.
False. Ek "string" sirf ek
char array hai (ya ek char * jo ek ki taraf point karta hai) jo ek convention follow karta hai: woh ek '\0' byte se khatam hota hai (Picture 1). C mein koi dedicated string type nahi hai — dekho Arrays vs Pointers.String "Hi" exactly 2 bytes occupy karti hai.
False. Yeh 3 bytes occupy karti hai:
'H', 'i', aur invisible '\0'. Logical length 2 hai, lekin storage hamesha length + 1 hoti hai (Picture 1 mein boxes gino).strlen("Hello") 6 return karta hai kyunki woh terminator bhi count karta hai.
False. Woh 5 return karta hai.
strlen '\0' se pehle ke characters count karta hai aur jaise hi woh reach karta hai ruk jaata hai, isliye terminator kabhi count nahi hota.char s[] = "abc"; aur char s[3] = "abc"; equivalent hain.
False.
char s[] khud ko 4 bytes (room for '\0') tak size karta hai, lekin char s[3] sirf 3 bytes force karta hai toh terminator silently drop ho jaata hai — s ab ek unterminated array hai (Picture 1 ki row bina STOP ke), aur uspe koi bhi string function undefined behaviour hai (Undefined Behaviour in C).s[strlen(s)] padhna '\0' byte deta hai.
True.
strlen pehle '\0' ka index return karta hai, toh s[strlen(s)] exactly woh terminator hai (value 0). Woh last real character ke baad wala ek index hai jo array ke andar safely hai.strcpy safe hai jab tak source string destination ke character count mein fit ho jaaye.
False. Tumhe
'\0' bhi fit karna hoga. char b[5]; strcpy(b, "Hello"); 6 bytes ko 5 mein copy karta hai → buffer overflow. len + 1 ke liye size karo.snprintf(buf, sizeof buf, ...) ab bhi overflow kar sakta hai agar format lamba ho.
False. Yahi toh poora point hai:
snprintf zyada se zyada sizeof buf bytes likhta hai aur baaki truncate kar deta hai, hamesha ek '\0' chhod ke (jab size > 0 ho). Woh buf overflow nahi kar sakta.Do alag string functions mil ke tumhe ek non-terminated buffer de sakti hain.
True.
strncpy classic culprit hai (Picture 4 mein red case): agar source given n ke barabar (ya zyada lamba) ho, toh woh n bytes copy karta hai aur koi '\0' nahi likhta. sprintf overflow karna bhi termination destroy karta hai.sizeof buf hamesha buffer mein bytes ki number deta hai.
False. Sirf tab jab
buf current scope mein ek real array ho. Agar buf ek char * parameter hai, toh array pointer mein decay ho chuka hai, toh sizeof buf pointer size deta hai (typically 8) — dekho Pointers in C.Loop mein repeated strcat se append karna efficient hai.
False. Har
strcat pehle destination ko start se rescan karta hai apna '\0' dhundhne ke liye, toh loop mein string banana hai — Picture 3 ka "Shlemiel the painter" pattern (Time Complexity).strlcpy/strlcat sirf strncpy/strncat ke slower aliases hain.
False.
strlcpy(dst, src, size) zyada se zyada size-1 bytes copy karta hai aur hamesha null-terminate karta hai (strncpy ke unlike), aur woh length return karta hai jitna woh copy karna chahta tha toh tum truncation detect kar sako. Yeh BSD-origin safety functions hain, standard C nahi, lekin widely available hain.Error dhundho
char buf[5]; strcpy(buf, "Hello"); — kya galat hai?
"Hello" ko 6 bytes chahiye (5 letters + '\0') lekin buf 5 hold karta hai. strcpy end ke baad likhta hai (Picture 1 ke grey cell mein) → buffer overflow, undefined behaviour, possible crash ya exploit. buf[6] banao ya snprintf use karo.char b[3]; strcpy(b, "cat"); — kya yeh theek hai?
Nahi.
"cat" apne terminator ke saath 4 bytes hai; b 3 hold karta hai. '\0' (aur possibly last letter) out of bounds likha jaata hai → overflow.char c[6] = "Hi"; strcat(c, "there"); — size trace karo.
Result
"Hithere" ko 8 bytes chahiye (7 chars + '\0'), lekin c 6 hold karta hai → overflow. Destination mein strlen(dst) + strlen(src) + 1 fit hona chahiye.sprintf(buf, "%d-%s", id, name); — yeh landmine kyon hai?
sprintf ko kabhi nahi bataya jaata ki buf kitna bada hai. Ek lamba name (ya ek wide %f, jo 300+ chars emit kar sakta hai) silently overflow karta hai. Use karo snprintf(buf, sizeof buf, "%d-%s", id, name);.void log(char *buf){ snprintf(buf, sizeof buf, "%d", x); }— subtle bug kya hai?
Function ke andar
buf ek pointer parameter hai, toh sizeof buf pointer size (8) hai, caller ke buffer size nahi. True size ko boundary ke paas ek extra argument ki tarah pass karo.char s[3] = {'a','b','c'}; printf("%s", s); — safe hai?
Nahi. Saare 3 slots letters se bhare hain, koi
'\0' nahi (Picture 1 ki row bina STOP ke). printf("%s") s ke baad ek terminator dhundhta rehta hai jo bounds mein kabhi nahi milega → undefined behaviour.char *p = "abc"; p[0] = 'X'; — legal hai?
Nahi. Ek string literal read-only memory mein rehta hai;
p ke through likhna undefined behaviour hai (often crash). char arr[] = "abc"; use karo agar tumhe modifiable copy chahiye — dekho Arrays vs Pointers.while ((dst[i] = src[i]) != '\0') i++; — kya terminator copy hoga?
Haan. Assignment test se pehle hoti hai. Jab
src[i] '\0' hota hai, dst[i] bhi woh receive kar leta hai, aur tabhi != '\0' test fail hota hai aur loop rokta hai — toh dst terminated end hoti hai.char big[4]; strncpy(big, "test", 4); — kya big baad mein ek usable string hai?
Nahi. Source exactly length 4 hai, toh
strncpy saare 4 boxes ko t e s t se fill karta hai aur koi '\0' nahi likhta (Picture 4, red case). big ko strlen/printf("%s") mein pass karna phir undefined behaviour hai.Why questions
C terminator byte kyun use karta hai length store karne ki jagah?
Ek
char * sirf ek address hai jisme length field ke liye koi jagah nahi hai. Convention "zero byte par ruko" ek bare pointer ko string describe karne deti hai — 1972 mein sasta tha, length queries ki cost par (Picture 2, aur Time Complexity).strcat ko destination ke existing '\0' ko overwrite karna kyon zaroori hai?
Purana terminator
dst ke end ko mark karta tha. Do strings ko ek mein fuse karne ke liye, woh boundary gaayab honi chahiye; src se copied '\0' naya single end-marker ban jaata hai.strlen inherently kyon hai aur kabhi nahi?
Koi length kahin store nahi hai, toh end dhundhne ka akeela tarika Picture 2 ka box-by-box walk hai — kaam string length ke saath saath badhta hai.
'\0' bhoolna sirf galat answer nahi balki security problem kyon hai?
Array ke baad likhna neighbouring memory corrupt karta hai (return addresses, doosre variables — Picture 1 ka grey region). Attackers isko execution redirect karne ke liye exploit karte hain — classic buffer overflow attack.
C tumhe out of bounds likhne se rokta kyon nahi?
C speed ke liye koi bounds checking nahi karta; array access raw pointer arithmetic hai. Out-of-bounds access undefined behaviour hai — compiler assume karta hai ki tum kabhi aisa nahi karte.
n-suffixed functions (snprintf, strncpy, strncat) kyon exist karte hain?
n ek byte limit hai jo cap karta hai ki woh kitna likhte hain, overflow rokta hai. Yeh unbounded originals ke "seat-belt" versions hain — though strncpy mein ab bhi Picture 4 ka no-terminator trap hai.snprintf terminator guarantee karta hai lekin strncpy nahi — kyon?
snprintf specified hai ki hamesha given size ke andar ek '\0' likhega (jab size > 0 ho). strncpy ki jagah sirf tabhi zeros se pad karta hai jab source n se chhota ho (Picture 4, green case); agar barabar ya zyada lamba ho, koi terminator add nahi hota (red case).Log strn* functions ki jagah strlcpy/strlcat kyon prefer karte hain?
Kyunki
strlcpy hamesha terminate karta hai aur woh length report karta hai jitna woh chahta tha, toh tumhe kabhi silent no-STOP bug nahi milta aur tum ek check mein truncation detect kar sakte ho — exactly woh gap close karta hai jo Picture 4 warn karta hai.C ka byte-oriented terminator non-ASCII text ke saath tricky kyon ho jaata hai?
Kyunki
'\0' end mark karta hai byte level par, character level par nahi. Yeh UTF-8 ke liye theek hai (koi bhi valid multi-byte character ek zero byte contain nahi karta), lekin strlen byte count return karta hai, visible characters ki number nahi — "é" UTF-8 mein 2 bytes hai, toh strlen ek single-glyph string ke liye 2 kehta hai.Edge cases
Empty string ke liye strlen("") kya hai?
0. Sabse pehla byte already
'\0' hai, toh count turant ruk jaata hai — lekin array ab bhi us terminator ke liye kam se kam 1 byte occupy karta hai.strlen ek char array par kya karta hai jisme koi '\0' nahi hai?
Woh array ke end ke baad scan karta rehta hai (Picture 1 ka grey region) jab tak kisi jagah memory mein koi zero byte accidentally nahi mil jaata → undefined behaviour, ek garbage (ya bahut bada) length, ya crash.
strnlen(s, max) scan ko max bytes par cap karke isse avoid karta hai.s = "hello" ke liye strnlen(s, 3) kya return karta hai?
3.
strnlen strlen ki tarah chalta hai lekin zyada se zyada max bytes ke baad ruk jaata hai, toh woh kabhi end se baahar nahi jaata — woh real length aur max mein se chhota wala return karta hai. Yeh strlen ka bounded, overflow-safe cousin hai.snprintf(buf, 0, "%d", x) kya likhta hai?
buf mein kuch nahi (size 0 matlab woh '\0' bhi nahi likh sakta), lekin woh ab bhi return karta hai characters ki number jitna woh likhta chahta — required size safely measure karne ka ek handy trick.strcpy(dst, dst + 1) (overlapping copy) ke saath kya hota hai?
Undefined behaviour.
strcpy assume karta hai ki source aur destination overlap nahi karte; overlapping regions un bytes ko read kar sakti hain jo woh pehle hi overwrite kar chuka hai. Overlaps ke liye memmove use karo.Jab formatted output exactly sizeof buf ho toh snprintf kya karta hai?
Woh
sizeof buf - 1 characters plus ek '\0' likhta hai, last real character truncate karta hai. Woh kabhi overflow nahi karta, lekin tum silently data lose karte ho — truncation detect karne ke liye return value check karo.Array ke beech mein ek '\0' ek "short" string hai?
Haan, jahan tak string functions ka sawaal hai.
char s[6]="ab\0cd"; mein strlen 2 hai; embedded '\0' ke baad sab kuch strlen, strcpy, aur printf("%s") ke liye invisible hai, chahe bytes abhi bhi stored hain.strlen UTF-8 string jaise "café" ke liye characters count karta hai ya bytes?
Bytes.
"café" UTF-8 mein 5 bytes hai (é = 2 bytes), toh strlen 5 return karta hai, 4 nahi. C ke functions byte-oriented hain; visible glyphs count karne ke liye ek Unicode-aware library chahiye, strlen nahi.