C standard library


C standard library

The C Standard Library consists of a set of sections of the ANSI C standard in the programming language C. They describe a collection of headers and library routines used to implement common operations such as input/output[1] and string handling. Unix-like systems typically have a C library in shared library form. By contrast, on Microsoft Windows, compiled applications written in C are either statically linked with a C library or linked to a dynamic version of the library (dll) that is shipped with these applications. The C standard library is an interface standard described by a document; it is not an actual library of software routines available for linkage to C programs. No such implementation is properly called the C standard library.

The term C library may refer either to an informal synonym for C standard library (e.g. "malloc is the name of a function in the C library"), a reference to a particular implementation which provides the C standard library features and other features (e.g. "this compiler comes with a very reliable C library for ISO C and POSIX programming"), or a library which has an interface for linking to C programs (e.g. "this software company offers a C library of fast Fourier transform functions").

The term C runtime library is used on some platforms to refer to a set of base libraries, which may be distributed in dynamically linkable form with an operating system (with or without header files), or distributed with a C compiler. Another term sometimes used is libc. Not just any library is called the run-time library; run time in this context means the run-time support package associated with a compiler which is understood to make a language complete. The run-time support provides not only the C standard library functions, but possibly other material needed to create an environment for the C program, such as initialization before invoking the main function, or subroutines to provide arithmetic operations missing from the CPU that are needed by code generated by the C compiler.

Contents

History

The original C language provided no built-in functions such as I/O operations, unlike traditional languages such as COBOL and Fortran.[citation needed] Over time, user communities of C, shared ideas and implementations, of what is now called C standard libraries. Many of these ideas were incorporated eventually into the definition of the standardized C language.

Both Unix and C were created at AT&T's Bell Laboratories in the late 1960s and early 1970s. During the 1970s the C language became increasingly popular. Many universities and organizations began creating their own variants of the language for their own projects. By the beginning of the 1980s compatibility problems between the various C implementations became apparent. In 1983 the American National Standards Institute (ANSI) formed a committee to establish a standard specification of C known as "ANSI C". This work culminated in the creation of the so-called C89 standard in 1989. Part of the resulting standard was a set of software libraries called the ANSI C standard library.

Later revisions of the C standard have added several new required header files to the library:

(Support for these new extensions varies between implementations.)

ISO Standard

The ISO C standard library consists of 24 header files which can be included into a programmer's project. Each header file contains one or more function declarations, data type definitions and macros. The contents of these header files follows.

Compared to some other languages (for example Java), the standard library is minuscule. The library provides a basic set of mathematical functions, string manipulation, type conversions, and file and console-based I/O. It does not include a standard set of "container types" like the C++ Standard Template Library, let alone the complete graphical user interface (GUI) toolkits, networking tools, and profusion of other functionality that Java provides as standard. The main advantage of the small standard library is that providing a working ISO C environment is much easier than it is with other languages, and consequently porting C to a new platform is relatively easy.

Many other libraries supply equivalent functionality to that provided by other languages in their standard library. For instance, the GNOME desktop environment project has developed the GTK+ graphics toolkit and GLib, a library of container data structures, and there are many other well-known examples. The variety of libraries available has meant that some superior toolkits have proven themselves through history. The considerable downside is that they often do not work particularly well together, programmers are often familiar with different sets of libraries, and a different set of them may be available on any particular platform.

ISO C library headers

Name From Description
<assert.h> Contains the assert macro, used to assist with detecting logical errors and other types of bug in debugging versions of a program.
<complex.h> C99 A set of functions for manipulating complex numbers.
<ctype.h> Contains functions used to classify characters by their types or to convert between upper and lower case in a way that is independent of the used character set (typically ASCII or one of its extensions, although implementations utilizing EBCDIC are also known).
<errno.h> For testing error codes reported by library functions.
<fenv.h> C99 For controlling floating-point environment.
<float.h> Contains defined constants specifying the implementation-specific properties of the floating-point library, such as the minimum difference between two different floating-point numbers (_EPSILON), the maximum number of digits of accuracy (_DIG) and the range of numbers which can be represented (_MIN, _MAX).
<inttypes.h> C99 For precise conversion between integer types.
<iso646.h> NA1 For programming in ISO 646 variant character sets.
<limits.h> Contains defined constants specifying the implementation-specific properties of the integer types, such as the range of numbers which can be represented (_MIN, _MAX).
<locale.h> For setlocale and related constants. This is used to choose an appropriate locale.
<math.h> For computing common mathematical functions.
<setjmp.h> Declares the macros setjmp and longjmp, which are used for non-local exits.
<signal.h> For controlling various exceptional conditions.
<stdarg.h> For accessing a varying number of arguments passed to functions.
<stdbool.h> C99 For a boolean data type.
<stdint.h> C99 For defining various integer types.
<stddef.h> For defining several useful types and macros.
<stdio.h> Provides the core input and output capabilities of the C language. This file includes the venerable printf function.
<stdlib.h> For performing a variety of operations, including conversion, pseudo-random numbers, memory allocation, process control, environment, signalling, searching, and sorting.
<string.h> For manipulating several kinds of strings.
<tgmath.h> C99 For type-generic mathematical functions.
<time.h> For converting between various time and date formats.
<wchar.h> NA1 For manipulating wide streams and several kinds of strings using wide characters - key to supporting a range of languages.
<wctype.h> NA1 For classifying wide characters.

The C standard library in other languages

Some languages include the functionality of the standard C library in their own libraries. The library may be adapted to better suit the language's structure, but the operation semantics are kept similar. The C++ language, for example, includes the functionality of the C standard library in the namespace std (e.g., std::printf, std::atoi, std::feof), in header files with similar names to the C ones (cstdio, cmath, cstdlib, etc.). Other languages that take similar approaches are D and the main implementation of Python known as CPython. In the latter, for example, the built-in file objects are defined as "implemented using C's stdio package",[2] so that the available operations (open, read, write, etc.) are expected to have the same behavior as the corresponding C functions.

Compiler built-in functions

Some compilers (for example, GCC[3]) provide built-in versions of many of the functions in the C standard library; that is, the implementations of the functions are written into the compiled object file, and the program calls the built-in versions instead of the functions in the C library shared object file. This reduces function call overhead, especially if function calls are replaced with inline variants, and allows other forms of optimization (as the compiler knows the control-flow characteristics of the built-in variants), but may cause confusion when debugging (for example, the built-in versions cannot be replaced with instrumented variants).

However, the built-in functions must behave like ordinary functions in accordance with ISO C. The main implication is that the program must be able to create a pointer to these functions by taking their address, and invoke the function by means of that pointer. If two pointers to the same function are derived in two different translation unit in the program, these two pointers must compare equal; that is, the address comes by resolving the name of the function, which has external (program-wide) linkage.

POSIX standard library

POSIX (and SUS) specifies a number of routines that should be available over and above those in the C standard library proper; these are often implemented alongside the C standard library functionality, with varying degrees of closeness. For example, glibc implements functions such as fork within libc.so, but before NPTL was merged into glibc it constituted a separate library with its own linker flag argument. Often, this POSIX-specified functionality will be regarded as part of the library; the C library proper may be identified as the ANSI or ISO C library.

Implementations

Unix-like systems typically have a C library in shared library form, but the header files (and compiler toolchain) may be absent from an installation so C development may not be possible. The C library is considered part of the operating system on Unix-like systems.[citation needed] The C functions, including the ISO C standard ones, are widely used by programs, and are regarded as if they were not only an implementation of something in the C language, but also de facto part of the operating system interface. Unix-like operating systems generally cannot function if the C library is erased.

By contrast, on Microsoft Windows, the core system dynamic libraries (DLLs) do not provide an implementation of the C standard library; this is provided by each compiler individually. Compiled applications written in C are either statically linked with a C library, or linked to a dynamic version of the library that is shipped with these applications, rather than relied upon to be present on the targeted systems. Functions in a compiler's C library are not regarded as interfaces to Microsoft Windows.

Many other implementations exist, provided with both various operating systems and C compilers.

Although there exist too many implementations to list, some popular implementations follow:

  • BSD libc, implementations distributed under BSD operating systems.
  • GNU C Library, used in GNU/Linux and GNU/HURD.
  • Dinkum C99 Library from Dinkumware, most common commercially licensed one[citation needed]
  • Microsoft C Run-time Library, part of Microsoft Visual C++
  • dietlibc, an alternative small implementation of the C standard library (MMU-less)
  • uClibc, a C standard library for embedded Linux systems (MMU-less)
  • Newlib, a C standard library for embedded systems (MMU-less)[4]
  • klibc, primarily for booting Linux systems.
  • EGLIBC, variant of glibc for embedded systems.
  • musl, another lightweight C standard library implementation for Linux systems[5]

Detection

According to the C standard the macro __STDC_HOSTED__ shall be defined to 1 if the implementation is hosted. A hosted implementation has all the headers specified by the C standard. An implementation can also be freestanding which means that these headers will not be present. If an implementation is freestanding, it shall define __STDC_HOSTED__ to 0.

Criticism, security considerations and safer alternatives

Criticism

A number of functions in the C standard library have been notorious for having buffer overflow vulnerabilities and generally encouraging buggy programming ever since their adoption.[6] The most criticized items are:

  • string-manipulation routines (str(n)cpy(), str(n)cat()) - for lack of bounds checking and possible buffer overflows if the bounds aren't checked manually;
  • string routines in general - for side-effects, encouraging irresponsible buffer usage, not always guaranteeing output validity (i.e. null-termination), linear length calculation;[7]
  • printf() family routines - for spoiling the execution stack when the format string doesn't match the arguments given. This fundamental flaw created an entire class of attacks: format string attacks;
  • some I/O routines (gets(), scanf()) - for lack of (either any or easy) input length checking;
  • some other routines (mktemp(), strerror()) - for being thread unsafe and otherwise vulnerable to race conditions.

Other criticism includes the lack of functionality that has become commonplace in languages that emerged later (regular expressions, encodings and Unicode support, automatic memory management, simplified error handling). Other languages have developed that used C as their base and many people would like to move away from C, however there is a huge volume of highly efficient C code, some of which has been in use for 20 years or more.[8]

Except the extreme case with gets(), all the security vulnerabilities can be avoided by introducing auxiliary code to perform memory management, bounds checking, input checking etc.

General paths towards a solution

These efforts go in a few general directions:

  • Providing a better interface in place of or in addition to the flawed or else inconvenient functions
    • djblib [Link broken, 2011-10-22] by D.J. Bernstein, a replacement for many standard library functions he developed for his qmail package
    • GLib and Win32 API provide both platform-independent types and APIs alternative to that of standard C library
    • The ISO C committee published Technical reports TR 24731-1 and is working on TR 24731-2 to propose adoption of some functions with bounds checking and automatic buffer allocation, correspondingly. The former has met severe criticism with some praise,[9][10] the latter received mixed responses. Despite this, TR 24731-1 has been implemented into Microsoft's C standard library and its compiler issues warnings when using old 'insecure' functions.
    • Many programmers reported to have written wrappers for standard library functions to make them easier to use. This dates back to as early as The Practice of Programming book by B. Kernighan and R. Pike where the authors commonly use wrappers that print error messages and quit the program if an error occurs.
    • Other languages and environments that provide a C-standard-library-like interface (e.g. MATLAB and Python), tend to change the functions' semantics to fix the aforementioned flaws.
  • Extending core functionality
    • POSIX standardized the use of several nonstandard C headers for Unix-specific functionality. Many have found their way to other architectures. Examples include unistd.h and signal.h. A number of other groups are using other nonstandard headers - most flavors of Linux have alloca.h and HP OpenVMS has the va_count() function.

See also

References

  1. ^ ISO/IEC (1999). ISO/IEC 9899:1999(E): Programming Languages - C §7.19.1 para 1
  2. ^ "The Python Standard Library: 6.9. File Objects". Docs.python.org. http://docs.python.org/library/stdtypes.html#bltin-file-objects. Retrieved 28 October 2011. 
  3. ^ Other built-in functions provided by GCC, GCC Manual
  4. ^ "Re: Does Newlib support mmu-less CPUs?". Cygwin.com. 23 March 2006. http://www.cygwin.com/ml/newlib/2006/msg00224.html. Retrieved 28 October 2011. 
  5. ^ "musl libc". Etalabs.net. http://www.etalabs.net/musl/. Retrieved 28 October 2011. 
  6. ^ Morris worm that takes advantage of the well-known vulnerability in gets() have been created as early as in 1988.
  7. ^ in C standard library, string length calculation and looking for a string's end have linear time complexities and are inefficient when used on the same or related strings repeatedly
  8. ^ langpop.com
  9. ^ Do you use the TR 24731 ‘safe’ functions in your C code? - Stack overflow
  10. ^ "Austin Group Review of ISO/IEC WDTR 24731". http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1106.txt. Retrieved 28 October 2011. 

Further Reading

  • Plauger, P. J. (1992). The Standard C library. Englewood Cliffs, N.J: Prentice Hall. ISBN 0-13-131509-9. 

External links


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Standard library — A standard library for a programming language is the library that is conventionally made available in every implementation of that language. In some cases, the library is described directly in the programming language specification; in other… …   Wikipedia

  • C++ standard library — In C++, the Standard Library is a collection of classes and functions, which are written in the core language. The Standard Library provides several generic containers, functions to utilise and manipulate these containers, function objects,… …   Wikipedia

  • C Standard Library — Die Standard C Library ist eine genormte Bibliothek für die Programmiersprache C, die etwa 200 Funktionen enthält und in jedem hosted environment von C zu implementieren ist. Sie enthält häufig benötigte Funktionen für Ein und Ausgabe,… …   Deutsch Wikipedia

  • C++ Standard Library — Bibliothèque standard du C++ La bibliothèque standard du C++ (C++ Standard Library en anglais) est une bibliothèque de classes et de fonctions standardisées pour le langage C++. Elle fournit un certain nombre de classes comme par exemple :… …   Wikipédia en Français

  • C++ standard library — Bibliothèque standard du C++ La bibliothèque standard du C++ (C++ Standard Library en anglais) est une bibliothèque de classes et de fonctions standardisées pour le langage C++. Elle fournit un certain nombre de classes comme par exemple :… …   Wikipédia en Français

  • C standard library — …   Википедия

  • Apache C++ Standard Library — Infobox Software name = Apache C++ Standard Library caption = developer = Apache Software Foundation latest release version = 4.2.1 latest release date = release date|2008|5|1 latest preview version = latest preview date = operating system =… …   Wikipedia

  • C Plus Plus standard library — Bibliothèque standard du C++ La bibliothèque standard du C++ (C++ Standard Library en anglais) est une bibliothèque de classes et de fonctions standardisées pour le langage C++. Elle fournit un certain nombre de classes comme par exemple :… …   Wikipédia en Français

  • C plus plus standard library — Bibliothèque standard du C++ La bibliothèque standard du C++ (C++ Standard Library en anglais) est une bibliothèque de classes et de fonctions standardisées pour le langage C++. Elle fournit un certain nombre de classes comme par exemple :… …   Wikipédia en Français

  • System (C standard library) — In the C standard library, system is a function used to execute subprocesses and commands, residing in stdlib.h. It differs from the exec/spawn family of functions in that instead of passing arguments to an executed object, a single string is… …   Wikipedia


We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.