C standard library
C standard library (libc) |
---|
General topics |
Miscellaneous headers |
The C standard library or libc is the
The C standard library provides
Application programming interface (API)
Header files
The
After a long period of stability, three new header files (iso646.h
, wchar.h
, and wctype.h
) were added with Normative Addendum 1 (NA1), an addition to the C Standard ratified in 1995. Six more header files (complex.h
, fenv.h
, inttypes.h
, stdbool.h
, stdint.h
, and tgmath.h
) were added with C99, a revision to the C Standard published in 1999, and five more files (stdalign.h
, stdatomic.h
, stdnoreturn.h
, threads.h
, and uchar.h
) with C11 in 2011. In total, there are now 29 header files:
Name | From | Description |
---|---|---|
<assert.h> |
Declares the assert macro, used to assist with detecting logical errors and other types of bugs while debugging a program.
| |
|
C99 | Defines a set of functions for manipulating complex numbers. |
|
Defines are also known). | |
<errno.h> |
For testing error codes reported by library functions. | |
|
C99 | Defines a floating-point environment.
|
|
Defines floating-point library.
| |
|
C99 | Defines exact-width integer types. |
|
NA1 | Defines ISO 646 variant character sets.
|
|
Defines macro constants specifying the implementation-specific properties of the integer types. | |
<locale.h> |
Defines localization functions. | |
|
Defines common mathematical functions. | |
<setjmp.h> |
Declares the macros setjmp and longjmp , which are used for non-local exits.
| |
|
Defines signal-handling functions. | |
<stdalign.h> |
C11 | For querying and specifying the alignment of objects. |
<stdarg.h> |
For accessing a varying number of arguments passed to functions. | |
<stdatomic.h> |
C11 | For atomic operations on data shared between threads. |
|
C99 | Defines a Boolean data type. |
|
Defines several useful types and macros. | |
|
C99 | Defines exact-width integer types. |
|
Defines core input and output functions | |
<stdlib.h> |
Defines numeric conversion functions, pseudo-random numbers generation functions, memory allocation, process control functions | |
<stdnoreturn.h> |
C11 | For specifying non-returning functions |
|
Defines string-handling functions | |
|
C99 | Defines type-generic mathematical functions. |
<threads.h> |
C11 | Defines functions for managing multiple threads, mutexes and condition variables
|
|
Defines date- and time-handling functions | |
<uchar.h> |
C11 | Types and functions for manipulating Unicode characters |
|
NA1 | Defines wide-string-handling functions |
|
NA1 | Defines set of functions used to classify wide characters by their types or to convert between upper and lower case |
Three of the header files (complex.h
, stdatomic.h
, and threads.h
) are conditional features that implementations are not required to support.
The
alloca.h
, and OpenVMSva_count()
function.
Documentation
On Unix-like systems, the authoritative documentation of the API is provided in the form of man pages. On most systems, man pages on standard library functions are in section 3; section 7 may contain some more generic pages on underlying concepts (e.g. man 7 math_error
in Linux).
Implementations
Unix-like systems typically have a C library in shared library form, but the header files (and compiler toolchain) may be absent from an installation so C development may not be possible. The C library is considered part of the operating system on Unix-like systems; in addition to functions specified by the C standard, it includes other functions that are part of the operating system API, such as functions specified in the POSIX standard. The C library functions, including the ISO C standard ones, are widely used by programs, and are regarded as if they were not only an implementation of something in the C language, but also de facto part of the operating system interface. Unix-like operating systems generally cannot function if the C library is erased. This is true for applications which are dynamically as opposed to statically linked. Further, the kernel itself (at least in the case of Linux) operates independently of any libraries.
On Microsoft Windows, the core system dynamic libraries (DLLs) provide an implementation of the C standard library for the Microsoft Visual C++ compiler v6.0; the C standard library for newer versions of the Microsoft Visual C++ compiler is provided by each compiler individually, as well as redistributable packages. Compiled applications written in C are either statically linked with a C library, or linked to a dynamic version of the library that is shipped with these applications, rather than relied upon to be present on the targeted systems. Functions in a compiler's C library are not regarded as interfaces to Microsoft Windows.
Many C library implementations exist, provided with both various operating systems and C compilers. Some of the popular implementations are the following:
- The BSD libc, various implementations distributed with BSD-derived operating systems
- GNU/kFreeBSD and Linux
- Microsoft C run-time library, part of Microsoft Visual C++. There are two versions of the library: MSVCRT that was a redistributable till v12 / Visual Studio 2013 with low C99 compliance, and a new one UCRT (Universal C Run Time) that is part of Windows 10 and 11, so always present to link against, and is C99 compliant too [1].
- dietlibc, an alternative small implementation of the C standard library (MMU-less)
- μClibc, a C standard library for embedded μClinux systems (MMU-less)
- uclibc-ng, an embedded C library, fork of μClibc, still maintained, with memory management unit (MMU) support
- Newlib, a C standard library for embedded systems (MMU-less)[5] and used in the Cygwin GNU distribution for Windows
- klibc, primarily for booting Linux systems
- musl, another lightweight C standard library implementation for Linux systems[6]
- Bionic, originally developed by Google for the Android embedded system operating system, derived from BSD libc
- picolibc, developed by Keith Packard, targeting small embedded systems with limited RAM, based on code from Newlib and AVR Libc
Compiler built-in functions
Some compilers (for example,
However, the built-in functions must behave like ordinary functions in accordance with ISO C. The main implication is that the program must be able to create a pointer to these functions by taking their address, and invoke the function by means of that pointer. If two pointers to the same function are derived in two different translation units in the program, these two pointers must compare equal; that is, the address comes by resolving the name of the function, which has external (program-wide) linkage.
Linking, libm
Under FreeBSD-lm
. POSIX requires that the c99 compiler supports -lm
, and that the functions declared in the headers math.h
, complex.h
, and fenv.h
are available for linking if -lm
is specified, but does not specify if the functions are linked by default.[10] musl satisfies this requirement by putting everything into a single libc library and providing an empty libm.[11]
Detection
According to the C standard the macro __STDC_HOSTED__
shall be defined to 1 if the implementation is hosted. A hosted implementation has all the headers specified by the C standard. An implementation can also be freestanding which means that these headers will not be present. If an implementation is freestanding, it shall define __STDC_HOSTED__
to 0.
Problems and workarounds
Buffer overflow vulnerabilities
Some functions in the C standard library have been notorious for having buffer overflow vulnerabilities and generally encouraging buggy programming ever since their adoption.[a] The most criticized items are:
- string-manipulation routines, including
strcpy()
andstrcat()
, for lack of bounds checking and possible buffer overflows if the bounds are not checked manually; - string routines in general, for side-effects, encouraging irresponsible buffer usage, not always guaranteeing valid null-terminated output, linear length calculation;[b]
- format string attacks;
family of I/O routines, for lack of (either any or easy) input length checking.gets() and()scanf
Except the extreme case with gets()
, all the security vulnerabilities can be avoided by introducing auxiliary code to perform memory management, bounds checking, input checking, etc. This is often done in the form of wrappers that make standard library functions safer and easier to use. This dates back to as early as The Practice of Programming book by B. Kernighan and R. Pike where the authors commonly use wrappers that print error messages and quit the program if an error occurs.
The ISO C committee published Technical reports TR 24731-1[12] and is working on TR 24731-2[13] to propose adoption of some functions with bounds checking and automatic buffer allocation, correspondingly. The former has met severe criticism with some praise,[14][15] the latter received mixed responses. Despite this, TR 24731-1 has been implemented into Microsoft's C standard library and its compiler issues warnings when using old "insecure" functions.
Threading problems, vulnerability to race conditions
The
Error handling
The error handling of the functions in the C standard library is not consistent and sometimes confusing. According to the Linux manual page math_error
, "The current (version 2.8) situation under glibc is messy. Most (but not all) functions raise exceptions on errors. Some also set errno. A few functions set errno, but do not raise an exception. A very few functions do neither."[16]
Standardization
The original C language provided no built-in functions such as I/O operations, unlike traditional languages such as COBOL and Fortran.[citation needed] Over time, user communities of C shared ideas and implementations of what is now called C standard libraries. Many of these ideas were incorporated eventually into the definition of the standardized C language.
Both
POSIX standard library
BSD libc
BSD libc is a superset of the POSIX standard library supported by the C libraries included with
sys/tree.h
– contains an implementation of red–black tree and splay tree[17][18]sys/queue.h
– implementations offgetln()
– defined instdio.h
. This can be used to read a file line by line.[21][22][23]fts.h
– contains some functions to traverse a file hierarchy[24][25]db.h
– some functions to connect to the Berkeley DB[26][27]strlcat()
andstrlcpy()
– secure alternatives forstrncat()
andstrncpy()
[28][29][30][31][32]err.h
– contains some functions to print formatted error messages[33][34]vis.h
– contains thevis()
function. This function is used to display non-printable characters in a visual format.[35][36][37]
The C standard library in other languages
Some languages include the functionality of the standard C library in their own libraries. The library may be adapted to better suit the language's structure, but the
std
(e.g., std::printf
, std::atoi
, std::feof
), in header files with similar names to the C ones (cstdio
, cmath
, cstdlib
, etc.). Other languages that take similar approaches are D, Perl, Ruby and the main implementation of Python known as CPython. In Python 2, for example, the built-in file objects are defined as "implemented using C's stdio
package",[38] so that the available operations (open, read, write, etc.) are expected to have the same behavior as the corresponding C functions. Rust has a crate called libc which allows several C functions, structs, and other type definitions to be used.[39]Comparison to standard libraries of other languages
The C standard library is small compared to the standard libraries of some other languages. The C library provides a basic set of mathematical functions, string manipulation,
See also
Notes
- ^ Morris worm that takes advantage of the well-known vulnerability in
gets()
have been created as early as in 1988. - linear time complexitiesand are inefficient when used on the same or related strings repeatedly
References
- ^ ISO/IEC (2018). ISO/IEC 9899:2018(E): Programming Languages - C §7
- ^ "The GNU C Library – Introduction". gnu.org. Retrieved 2013-12-05.
- ^ "Difference between C standard library and C POSIX library". stackoverflow.com. 2012. Retrieved 2015-03-04.
- ^ "C Standards". C: C Standards. Keil. Retrieved 24 November 2011.
- ^ "Re: Does Newlib support mmu-less CPUs?". Cygwin.com. 23 March 2006. Archived from the original on 22 November 2008. Retrieved 28 October 2011.
- ^ "musl libc". Etalabs.net. Retrieved 28 October 2011.
- ^ Other built-in functions provided by GCC, GCC Manual
- ^ "Compiling with cc". Retrieved 2013-03-02.
- ^ Weimer, Florian. "c - What functions is the libm intended for?". Stack Overflow. Retrieved 24 February 2021.
- ^ "c99 - compile standard C programs". The Open Group Base Specifications Issue 7, 2018 edition. The Open Group. Retrieved 24 February 2021.
- ^ "musl FAQ". www.musl-libc.org. Retrieved 24 February 2021.
- ^ "ISO/IEC TR 24731-1: Extensions to the C Library, Part I: Bounds-checking interfaces" (PDF). open-std.org. 2007-03-28. Retrieved 2014-03-13.
- ^ "ISO/IEC WDTR 24731-2: Extensions to the C Library, Part II: Dynamic Allocation Functions" (PDF). open-std.org. 2008-08-10. Retrieved 2014-03-13.
- ^ Do you use the TR 24731 'safe' functions in your C code? - Stack overflow
- ^ "Austin Group Review of ISO/IEC WDTR 24731". Retrieved 28 October 2011.
- ^ "math_error - detecting errors from mathematical functions". man7.org. 2008-08-11. Retrieved 2014-03-13.
- ^ "tree". Man.freebsd.org. 2007-12-27. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/sys/sys/tree.h". bxr.su.
- ^ "queue". Man.freebsd.org. 2011-05-13. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/sys/sys/queue.h". bxr.su.
- ^ "fgetln". Man.freebsd.org. 1994-04-19. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/stdio/fgetln.c". bxr.su.
- ^ "Super User's BSD Cross Reference: /OpenBSD/include/stdio.h". bxr.su.
- ^ "fts". Man.freebsd.org. 2012-03-18. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/include/fts.h". bxr.su.
- ^ "db". Man.freebsd.org. 2010-09-10. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/include/db.h". bxr.su.
- ^ Miller, Todd C. and Theo de Raadt. strlcpy and strlcat - consistent, safe, string copy and concatenation. Proceedings of the 1999 USENIX Annual Technical Conference, June 6–11, 1999, pp. 175–178.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strlcat.c". bxr.su.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strlcpy.c". bxr.su.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strncat.c". bxr.su.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strncpy.c". bxr.su.
- ^ "err". Man.freebsd.org. 2012-03-29. Retrieved 2013-08-25.
- ^ "Super User's BSD Cross Reference: /OpenBSD/include/err.h". bxr.su.
- ^ "vis(3)". Man.FreeBSD.org. Retrieved 14 September 2013.
- ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/gen/vis.c". bxr.su.
- ^ "Super User's BSD Cross Reference: /OpenBSD/include/vis.h". bxr.su.
- ^ "The Python Standard Library: 6.9. File Objects". Docs.python.org. Retrieved 28 October 2011.
- ^ "libc". Rust Crates. Archived from the original on 18 August 2016. Retrieved 31 July 2016.
Further reading
- ISBN 978-0131315099.