Jump to content

C standard library

From Wikipedia, the free encyclopedia
(Redirected from C standard libraries)

The C standard library, sometimes referred to as libc,[1] is the standard library for the C programming language, as specified in the ISO C standard.[2] Starting from the original ANSI C standard, it was developed at the same time as the C POSIX library, which is a superset of it.[3] Since ANSI C was adopted by the International Organization for Standardization,[4] the C standard library is also called the ISO C library.[5]

The C standard library provides macros, type definitions and functions for tasks such as string manipulation, mathematical computation, input/output processing, memory management, and input/output.

Application programming interface (API)

[edit]

Header files

[edit]

The application programming interface (API) of the C standard library is declared in a number of header files. Each header file contains one or more function declarations, data type definitions, and macros.

After a long period of stability, three new header files (iso646.h, wchar.h, and wctype.h) were added with Normative Addendum 1 (NA1), an addition to the C Standard ratified in 1995. Six more header files (complex.h, fenv.h, inttypes.h, stdbool.h, stdint.h, and tgmath.h) were added with C99, a revision to the C Standard published in 1999, and five more files (stdalign.h, stdatomic.h, stdnoreturn.h, threads.h, and uchar.h) with C11 in 2011. In total, there are now 29 header files:

Name From Description
<assert.h> Declares the assert macro, used to assist with detecting logical errors and other types of bugs while debugging a program.
<complex.h> C99 Defines a set of functions for manipulating complex numbers.
<ctype.h> Defines set of functions used to classify characters by their types or to convert between upper and lower case in a way that is independent of the used character set (typically ASCII or one of its extensions, although implementations utilizing EBCDIC are also known).
<errno.h> For testing error codes reported by library functions.
<fenv.h> C99 Defines a set of functions for controlling floating-point environment.
<float.h> Defines macro constants specifying the implementation-specific properties of the floating-point library.
<inttypes.h> C99 Defines exact-width integer types.
<iso646.h> NA1 Defines several macros that implement alternative ways to express several standard tokens. For programming in ISO 646 variant character sets.
<limits.h> Defines macro constants specifying the implementation-specific properties of the integer types.
<locale.h> Defines localization functions.
<math.h> Defines common mathematical functions.
<setjmp.h> Declares the macros setjmp and longjmp, which are used for non-local exits.
<signal.h> Defines signal-handling functions.
<stdalign.h> C11 For querying and specifying the alignment of objects.
<stdarg.h> For accessing a varying number of arguments passed to functions.
<stdatomic.h> C11 For atomic operations on data shared between threads.
<stdbool.h> C99 Defines a Boolean data type.
<stddef.h> Defines several useful types and macros.
<stdint.h> C99 Defines exact-width integer types.
<stdio.h> Defines core input and output functions
<stdlib.h> Defines numeric conversion functions, pseudo-random numbers generation functions, memory allocation, process control functions
<stdnoreturn.h> C11 For specifying non-returning functions
<string.h> Defines string-handling functions
<tgmath.h> C99 Defines type-generic mathematical functions.
<threads.h> C11 Defines functions for managing multiple threads, mutexes and condition variables
<time.h> Defines date- and time-handling functions
<uchar.h> C11 Types and functions for manipulating Unicode characters
<wchar.h> NA1 Defines wide-string-handling functions
<wctype.h> NA1 Defines set of functions used to classify wide characters by their types or to convert between upper and lower case

Three of the header files (complex.h, stdatomic.h, and threads.h) are conditional features that implementations are not required to support.

The POSIX standard added several nonstandard C headers for Unix-specific functionality. Many have found their way to other architectures. Examples include fcntl.h and unistd.h. A number of other groups are using other nonstandard headers – the GNU C Library has alloca.h, and OpenVMS has the va_count() function.

Documentation

[edit]

On Unix-like systems, the authoritative documentation of the API is provided in the form of man pages. On most systems, man pages on standard library functions are in section 3; section 7 may contain some more generic pages on underlying concepts (e.g. man 7 math_error in Linux).

Implementations

[edit]

Unix-like systems typically have a C library in shared library form, but the header files (and compiler toolchain) may be absent from an installation so C development may not be possible. The C library is considered part of the operating system on Unix-like systems; in addition to functions specified by the C standard, it includes other functions that are part of the operating system API, such as functions specified in the POSIX standard. The C library functions, including the ISO C standard ones, are widely used by programs, and are regarded as if they were not only an implementation of something in the C language, but also de facto part of the operating system interface. Unix-like operating systems generally cannot function if the C library is erased. This is true for applications which are dynamically as opposed to statically linked. Further, the kernel itself (at least in the case of Linux) operates independently of any libraries.

On Microsoft Windows, the core system dynamic libraries (DLLs) provide an implementation of the C standard library for the Microsoft Visual C++ compiler v6.0; the C standard library for newer versions of the Microsoft Visual C++ compiler is provided by each compiler individually, as well as redistributable packages. Compiled applications written in C are either statically linked with a C library, or linked to a dynamic version of the library that is shipped with these applications, rather than relied upon to be present on the targeted systems. Functions in a compiler's C library are not regarded as interfaces to Microsoft Windows.

Many C library implementations exist, provided with both various operating systems and C compilers. Some of the popular implementations are the following:

  • The BSD libc, various implementations distributed with BSD-derived operating systems
  • GNU C Library (glibc), used in GNU Hurd, GNU/kFreeBSD, and most Linux distributions
  • Microsoft C run-time library, part of Microsoft Visual C++. There are two versions of the library: MSVCRT that was a redistributable till v12 / Visual Studio 2013 with low C99 compliance, and a new one UCRT (Universal C Run Time) that is part of Windows 10 and 11, so always present to link against, and is C99 compliant too [1].
  • dietlibc, an alternative small implementation of the C standard library (MMU-less)
  • μClibc, a C standard library for embedded μClinux systems (MMU-less)
  • Newlib, a C standard library for embedded systems (MMU-less)[6] and used in the Cygwin GNU distribution for Windows
  • klibc, primarily for booting Linux systems
  • musl, another lightweight C standard library implementation for Linux systems[7]
  • Bionic, originally developed by Google for the Android embedded system operating system, derived from BSD libc
  • picolibc, developed by Keith Packard, targeting small embedded systems with limited RAM, based on code from Newlib and AVR Libc

Compiler built-in functions

[edit]

Some compilers (for example, GCC[8]) provide built-in versions of many of the functions in the C standard library; that is, the implementations of the functions are written into the compiled object file, and the program calls the built-in versions instead of the functions in the C library shared object file. This reduces function-call overhead, especially if function calls are replaced with inline variants, and allows other forms of optimization (as the compiler knows the control-flow characteristics of the built-in variants), but may cause confusion when debugging (for example, the built-in versions cannot be replaced with instrumented variants).

However, the built-in functions must behave like ordinary functions in accordance with ISO C. The main implication is that the program must be able to create a pointer to these functions by taking their address, and invoke the function by means of that pointer. If two pointers to the same function are derived in two different translation units in the program, these two pointers must compare equal; that is, the address comes by resolving the name of the function, which has external (program-wide) linkage.

Linking, libm

[edit]

Under FreeBSD[9] and glibc,[10] some functions such as sin() are not linked in by default and are instead bundled in the mathematical library libm. If any of them are used, the linker must be given the directive -lm. POSIX requires that the c99 compiler supports -lm, and that the functions declared in the headers math.h, complex.h, and fenv.h are available for linking if -lm is specified, but does not specify if the functions are linked by default.[11] musl satisfies this requirement by putting everything into a single libc library and providing an empty libm.[12]

Detection

[edit]

According to the C standard the macro __STDC_HOSTED__ shall be defined to 1 if the implementation is hosted. A hosted implementation has all the headers specified by the C standard. An implementation can also be freestanding which means that these headers will not be present. If an implementation is freestanding, it shall define __STDC_HOSTED__ to 0.

Problems and workarounds

[edit]

Buffer overflow vulnerabilities

[edit]

Some functions in the C standard library have been notorious for having buffer overflow vulnerabilities and generally encouraging buggy programming ever since their adoption.[13][a] The most criticized items are:

  • string-manipulation routines, including strcpy() and strcat(), for lack of bounds checking and possible buffer overflows if the bounds are not checked manually;
  • string routines in general, for side-effects, encouraging irresponsible buffer usage, not always guaranteeing valid null-terminated output, linear length calculation;[b]
  • printf() family of routines, for spoiling the execution stack when the format string does not match the arguments given. This fundamental flaw created an entire class of attacks: format string attacks;
  • gets() and scanf() family of I/O routines, for lack of (either any or easy) input length checking.

Except the extreme case with gets(), all the security vulnerabilities can be avoided by introducing auxiliary code to perform memory management, bounds checking, input checking, etc. This is often done in the form of wrappers that make standard library functions safer and easier to use. This dates back to as early as The Practice of Programming book by B. Kernighan and R. Pike where the authors commonly use wrappers that print error messages and quit the program if an error occurs.

The ISO C committee published Technical reports TR 24731-1[14] and is working on TR 24731-2[15] to propose adoption of some functions with bounds checking and automatic buffer allocation, correspondingly. The former has met severe criticism with some praise,[16][17] and the latter saw mixed response.

Despite concerns, TR 24731-1 was integrated into the C standards track in ISO/IEC 9899:2011 (C11), Annex K (Bounds-checking interfaces), and implemented approximately in Microsoft’s C/++ runtime (CRT) library for the Win32 and Win64 platforms.

(By default, Microsoft Visual Studio’s C and C++ compilers issue warnings when using older, "insecure" functions. However, Microsoft’s implementation of TR 24731-1 is subtly incompatible with both TR 24731-1 and Annex K,[18] so it’s common for portable projects to disable or ignore these warnings. They can be disabled directly by issuing

#pragma warning(disable : 4996)

before/around the call site[s] in question, or indirectly by issuing

#define _CRT_SECURE_NO_WARNINGS 1

before including any headers.[19] Command-line option /D_CRT_NO_SECURE_WARNINGS=1 should have the same effect as this #define.)

Threading problems, vulnerability to race conditions

[edit]

The strerror() routine is criticized for being thread unsafe and otherwise vulnerable to race conditions.

Error handling

[edit]

The error handling of the functions in the C standard library is not consistent and sometimes confusing. According to the Linux manual page math_error, "The current (version 2.8) situation under glibc is messy. Most (but not all) functions raise exceptions on errors. Some also set errno. A few functions set errno, but do not raise an exception. A very few functions do neither."[20]

Standardization

[edit]

The original C language provided no built-in functions such as I/O operations, unlike traditional languages such as COBOL and Fortran.[citation needed] Over time, user communities of C shared ideas and implementations of what is now called C standard libraries. Many of these ideas were incorporated eventually into the definition of the standardized C language.

Both Unix and C were created at AT&T's Bell Laboratories in the late 1960s and early 1970s. During the 1970s the C language became increasingly popular. Many universities and organizations began creating their own variants of the language for their own projects. By the beginning of the 1980s compatibility problems between the various C implementations became apparent. In 1983 the American National Standards Institute (ANSI) formed a committee to establish a standard specification of C known as "ANSI C". This work culminated in the creation of the so-called C89 standard in 1989. Part of the resulting standard was a set of software libraries called the ANSI C standard library.

POSIX standard library

[edit]

POSIX, as well as SUS, specify a number of routines that should be available over and above those in the basic C standard library. The POSIX specification includes header files for, among other uses, multi-threading, networking, and regular expressions. These are often implemented alongside the C standard library functionality, with varying degrees of closeness. For example, glibc implements functions such as fork within libc.so, but before NPTL was merged into glibc it constituted a separate library with its own linker flag argument. Often, this POSIX-specified functionality will be regarded as part of the library; the basic C library may be identified as the ANSI or ISO C library.

BSD libc

[edit]

BSD libc is a superset of the POSIX standard library supported by the C libraries included with BSD operating systems such as FreeBSD, NetBSD, OpenBSD and macOS. BSD libc has some extensions that are not defined in the original standard, many of which first appeared in 1994's 4.4BSD release (the first to be largely developed after the first standard was issued in 1989). Some of the extensions of BSD libc are:

The C standard library in other languages

[edit]

Some languages include the functionality of the standard C library in their own libraries. The library may be adapted to better suit the language's structure, but the operational semantics are kept similar.

C++

[edit]

The C++ language incorporates the majority of the C standard library’s constructs into its own, excluding C-specific machinery. C standard library functions are exported from the C++ standard library in two ways.

For backwards-/cross-compatibility to C and pre-Standard C++, functions can be accessed in the global namespace (::), after #includeing the C standard header name as in C.[42] Thus, the C++98 program

#include <stdio.h>
int main() {
	return ::puts("Hello, world!") == EOF;
}

should exhibit (apparently-)identical behavior to C95 program

#include <stdio.h>
int main(void) {
	return puts("Hello, world!") == EOF;
}

From C++98 on, C functions are also made available in namespace ::std (e.g., C printf as C++ ::std::printf, atoi as ::std::atoi, feof as ::std::feof), by including header <chdrname> instead of corresponding C header <hdrname.h>. E.g., <cstdio> substitutes for <stdio.h> and <cmath> for <math.h>; note lack of .h extension on C++ header names.

Thus, an equivalent (generally preferable) C++≥98 program to the above two is:

#include <cstdio>
int main() {
	return std::puts("Hello, world") == EOF;
}

A using namespace ::std declaration above or within main can be issued to apply the ::std:: prefix automatically, although it’s generally considered poor practice to use it globally in headers because it pollutes the global namespace.[43]

A few of the C++≥98 versions of C’s headers are missing; e.g., C≥11 <stdnoreturn.h> and <threads.h> have no C++ counterparts.[44]

Others are reduced to placeholders, such as (until C++20) <ciso646> for C95 <iso646.h>, all of whose requisite macros are rendered as keywords in C++98. C-specific syntactic constructs aren’t generally supported, even if their header is.[45]

Several C headers exist primarily for C++ compatibility, and these tend to be near-empty in C++. For example, C9917 <stdbool.h> require only

#define bool _Bool
#define false 0
#define true 1
#define __bool_true_false_are_defined 1

in order to feign support for the C++98 bool, false, and true keywords in C. C++11 requires <stdbool.h> and <cstdbool> for compatibility, but all they need to define is __bool_true_false_are_defined. C23 obsoletes older _Bool keyword in favor of new, C++98-equivalent bool, false, and true keywords, so the C≥23 and C++≥11 <stdbool.h>/<cstdbool> headers are fully equivalent. (In particular, C23 doesn’t require any __STDC_VERSION_BOOL_H__ macro for <stdbool.h>.)

Access to C library functions via namespace ::std and the C++≥98 header names is preferred where possible. To encourage adoption, C++98 obsoletes the C (*.h) header names, so it’s possible that use of C compatibility headers will cause an especially strict C++98–20 preprocessor to raise a diagnostic of some sort. However, C++23 (unusually) de-obsoletes these headers, so newer C++ implementations/modes shouldn’t complain without being asked to specifically.[46]


Other languages take a similar approach, placing C compatibility functions/routines under a common namespace; these include D, Perl, and Ruby.


Python

[edit]

CPython includes wrappers for some of the C library functions in its own common library, and it also grants more direct access to C functions and variables via its ctypes package.[47]

More generally, Python 2.x specifies the built-in file objects as being “implemented using C's stdio package,"[48] and frequent reference is made to C standard library behaviors; the available operations (open, read, write , etc.) are expected to have the same behavior as the corresponding C functions (fopen, fread, fwrite, etc.).

Python 3’s specification relies considerably less on C specifics than Python 2, however.

Rust

[edit]

Rust offers crate libc, which allows various C standard (and other) library functions and type definitions to be used.[49]

Comparison to standard libraries of other languages

[edit]

The C standard library is small compared to the standard libraries of some other languages. The C library provides a basic set of mathematical functions, string manipulation, type conversions, and file and console-based I/O. It does not include a standard set of "container types" like the C++ Standard Template Library, let alone the complete graphical user interface (GUI) toolkits, networking tools, and profusion of other functionality that Java and the .NET Framework provide as standard. The main advantage of the small standard library is that providing a working ISO C environment is much easier than it is with other languages, and consequently porting C to a new platform is comparatively easy.

See also

[edit]

Notes

[edit]
  1. ^ Morris worm that takes advantage of the well-known vulnerability in gets() have been created as early as in 1988.
  2. ^ in C standard library, string length calculation and looking for a string's end have linear time complexities and are inefficient when used on the same or related strings repeatedly

References

[edit]
  1. ^ Wellons, Chris (11 February 2023). "My review of the C standard library in practice". Retrieved 29 December 2024.
  2. ^ ISO/IEC (2018). ISO/IEC 9899:2018(E): Programming Languages - C §7
  3. ^ "Difference between C standard library and C POSIX library". stackoverflow.com. 2012. Retrieved 4 March 2015.
  4. ^ "C Standards". C: C Standards. Keil. Retrieved 24 November 2011.
  5. ^ "The GNU C Library – Introduction". gnu.org. Retrieved 5 December 2013.
  6. ^ "Re: Does Newlib support mmu-less CPUs?". Cygwin.com. 23 March 2006. Archived from the original on 22 November 2008. Retrieved 28 October 2011.
  7. ^ "musl libc". Etalabs.net. Retrieved 28 October 2011.
  8. ^ FSF (2024). "6.64 Other Built-in Functions Provided by GCC". A GNU Manual. self-published.
  9. ^ "Compiling with cc". Retrieved 2 March 2013.
  10. ^ Weimer, Florian. "c - What functions is the libm intended for?". Stack Overflow. Retrieved 24 February 2021.
  11. ^ "c99 - compile standard C programs". The Open Group Base Specifications Issue 7, 2018 edition. The Open Group. Retrieved 24 February 2021.
  12. ^ "musl FAQ". www.musl-libc.org. Retrieved 24 February 2021.
  13. ^ Cobb, Michael (July 2021). "buffer overflow". TechTarget. Retrieved 29 December 2024.
  14. ^ "ISO/IEC TR 24731-1: Extensions to the C Library, Part I: Bounds-checking interfaces" (PDF). open-std.org. 28 March 2007. Retrieved 13 March 2014.
  15. ^ "ISO/IEC WDTR 24731-2: Extensions to the C Library, Part II: Dynamic Allocation Functions" (PDF). open-std.org. 10 August 2008. Retrieved 13 March 2014.
  16. ^ Do you use the TR 24731 'safe' functions in your C code? - Stack overflow
  17. ^ "Austin Group Review of ISO/IEC WDTR 24731". Retrieved 28 October 2011.
  18. ^ "Field Experience With Annex K—Bounds Checking Interfaces". Retrieved 9 October 2024.
  19. ^ "Security Features in the CRT—Eliminating deprecation warnings". February 2023. Retrieved 9 October 2024.
  20. ^ "math_error - detecting errors from mathematical functions". man7.org. 11 August 2008. Retrieved 13 March 2014.
  21. ^ "tree". Man.freebsd.org. 27 December 2007. Retrieved 25 August 2013.
  22. ^ "Super User's BSD Cross Reference: /OpenBSD/sys/sys/tree.h". bxr.su.
  23. ^ "queue". Man.freebsd.org. 13 May 2011. Retrieved 25 August 2013.
  24. ^ "Super User's BSD Cross Reference: /OpenBSD/sys/sys/queue.h". bxr.su.
  25. ^ "fgetln". Man.freebsd.org. 19 April 1994. Retrieved 25 August 2013.
  26. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/stdio/fgetln.c". bxr.su.
  27. ^ "Super User's BSD Cross Reference: /OpenBSD/include/stdio.h". bxr.su.
  28. ^ "fts". Man.freebsd.org. 18 March 2012. Retrieved 25 August 2013.
  29. ^ "Super User's BSD Cross Reference: /OpenBSD/include/fts.h". bxr.su.
  30. ^ "db". Man.freebsd.org. 10 September 2010. Retrieved 25 August 2013.
  31. ^ "Super User's BSD Cross Reference: /OpenBSD/include/db.h". bxr.su.
  32. ^ Miller, Todd C. and Theo de Raadt. strlcpy and strlcat - consistent, safe, string copy and concatenation. Proceedings of the 1999 USENIX Annual Technical Conference, June 6–11, 1999, pp. 175–178.
  33. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strlcat.c". bxr.su.
  34. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strlcpy.c". bxr.su.
  35. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strncat.c". bxr.su.
  36. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/string/strncpy.c". bxr.su.
  37. ^ "err". Man.freebsd.org. 29 March 2012. Retrieved 25 August 2013.
  38. ^ "Super User's BSD Cross Reference: /OpenBSD/include/err.h". bxr.su.
  39. ^ "vis(3)". Man.FreeBSD.org. Retrieved 14 September 2013.
  40. ^ "Super User's BSD Cross Reference: /OpenBSD/lib/libc/gen/vis.c". bxr.su.
  41. ^ "Super User's BSD Cross Reference: /OpenBSD/include/vis.h". bxr.su.
  42. ^ C++ Standard Library Headers—C compatibility headers, retrieved 9 October 2024
  43. ^ Kieras, David (15 February 2015). "Using "using": How to use the std namespace" (PDF). EECS381 Handouts. EECS Department, University of Michigan. Archived (PDF) from the original on 24 December 2022. Retrieved 9 October 2024. A single using namespace std; statement in a single header file in a complex project can make a mess out of the namespace management for the whole project. So, no top level [using namespace] statements in a header file!
  44. ^ "C++ Standard Library headers—Unsupported C headers". Retrieved 9 October 2024.
  45. ^ "C++ Standard Library headers—Meaningless C headers". Retrieved 9 October 2024.
  46. ^ "C++ Standard Library headers—C compatibility headers". Retrieved 9 October 2024.
  47. ^ "ctypes—A foreign function library for Python". docs.python.com. Retrieved 9 October 2024.
  48. ^ "The Python Standard Library, §5.9: File Objects". Retrieved 9 October 2024. File objects are implemented using C's stdio package and can be created with the built-in open() function.
  49. ^ "Crate libc". Rust Crates. Retrieved 9 October 2024.

Further reading

[edit]
[edit]