Why is strdup considered to be evil

c c-strings

I've seen some posters stating that strdup is evil. Is there a consensus on this? I've used it without any guilty feelings and can see no reason why it is worse than using malloc/memcpy.

The only thing I can think might earn strdup a reputation is that callers might misuse it (eg. not realise they have to free the memory returned; try to strcat to the end of a strdup'ed string). But then malloc'ed strings are not free from the possibility of misuse either.

Thanks for the replies and apologies to those who consider the question unhelpful (votes to close). In summary of the replies, it seems that there is no general feeling that strdup is evil per se, but a general consensus that it can, like many other parts of C, be used improperly or unsafely.

There is no 'correct' answer really, but for the sake of accepting one, I accepted @nneoneo's answer - it could equally have been @R..'s answer.


Solution 1:

Two reasons I can think of:

  1. It's not strictly ANSI C, but rather POSIX. Consequently, some compilers (e.g. MSVC) discourage use (MSVC prefers _strdup), and technically the C standard could define its own strdup with different semantics since str is a reserved prefix. So, there are some potential portability concerns with its use.
  2. It hides its memory allocation. Most other str functions don't allocate memory, so users might be misled (as you say) into believing the returned string doesn't need to be freed.

But, aside from these points, I think that careful use of strdup is justified, as it can reduce code duplication and provides a nice implementation for common idioms (such as strdup("constant string") to get a mutable, returnable copy of a literal string).

Solution 2:

My answer is rather supporting strdup and it is no worse than any other function in C.

  1. POSIX is a standard and strdup is not too difficult to implement if portability becomes an issue.

  2. Whether to free the memory allocated by strdup shouldn't be an issue if anyone taken a little time to read the man page and understand how strdup works. If one doesn't understand how a function works, it's very likely the person is going to mess up something, this is applicable to any function, not just strdup.

  3. In C, memory & most other things are managed by the programmer, so strdup is no worse than forgetting to free malloc'ed memory, failing to null terminate a string, using incorrect format string in scanf (and invoking undefined behaviour), accessing dangling pointer etc.

(I really wanted to post this as a comment, but couldn't add in a single comment. Hence, posted it as an answer).

Related

Did Instagram change API rate limits on Mar 30, 2018?
Javascript: take every nth Element of Array
How can I sort an ArrayList of Strings in Java?
FtpWebRequest returns error 550 File unavailable
How to inspect a Process Explorer full dump
Is there any graphical display tool for diff output?
Does the 'sysrq' key have any function in Windows? [duplicate]
How do I detect SD card insertion (just the SD card, not the card reader) in Linux?
How do I analyze the 'CBS.log' file generated by the 'sfc' command to detect corrupt files in Windows 7?
How do I change user interface language in Firefox to avoid so-called localization?
Windows Store says my PC isn't connected to the internet
Beyond-compare wont ignore line-breaks?