There are two strategies for safe string manipulation. The Linux / glibcmaintainers refuse to add safe functions, arguing that you should keep the length of your strings at hand and use memcpy.

有两种安全的字符串操作策略。Linux / glibc维护者拒绝添加安全函数，认为您应该保持字符串的长度并使用memcpy.

On the other hand, Mac OSX includes strlcpyand strlcatfrom BSD. snprintfand asprintfcan be used on both platforms to much the same effect:

另一方面，Mac OSX 包含strlcpy并strlcat来自 BSD。snprintf并且asprintf可以在两个平台上使用以达到相同的效果：

size_t strlcpy(char *d, char const *s, size_t n)
{
    return snprintf(d, n, "%s", s);
}

size_t strlcat(char *d, char const *s, size_t n)
{
    return snprintf(d, n, "%s%s", d, s);
}

You could also consider using the BSD implementation found here. If your code will be compiled on multiple platforms, you can test for the presence of glibc using pre-defined library macros:

您还可以考虑使用此处找到的 BSD 实现。如果您的代码将在多个平台上编译，您可以使用预定义的库宏测试 glibc 的存在：

#if defined __GNU_LIBRARY__ || defined __GLIBC__

    size_t strlcpy(char *, char const *, size_t);
    size_t strlcat(char *, char const *, size_t);

#endif 

Conversion between character encodings is most easily handled using the iconvinterface.

使用iconv接口最容易处理字符编码之间的转换。

OSX has strlcpyand strlcat. Linux doesn't currently have them, to my knowledge, but it's easy enough to bring those functions in from, say, OpenBSD.

OSX 具有strlcpy和strlcat. 据我所知，Linux 目前没有这些功能，但是从 OpenBSD 中引入这些功能很容易。

You can use gcc's -D_FORTIFY_SOURCE=2option, for Linux you can go more advanced, for that you should read Secure Programming with gcc & glibc.

您可以使用 gcc 的-D_FORTIFY_SOURCE=2选项，对于 Linux，您可以更高级，为此您应该阅读Secure Programming with gcc & glibc。

If you have to use char buffers (NTBS=Nul terminated byte strings) there are noinstrinsically safe string functions. Not even strlen() is safe.

如果您必须使用字符缓冲区（NTBS=Nul 终止的字节字符串），则没有本质安全的字符串函数。甚至 strlen() 也不安全。

Rather, there are intrinsically unsafestring functions such as gets() and most uses of sprintf(). These are unsafe because you cannot reliably predict the buffer size you need.

相反，存在本质上不安全的字符串函数，例如gets() 和sprintf() 的大多数用途。这些是不安全的，因为您无法可靠地预测所需的缓冲区大小。

The other class of string functions can be usedsafely provided you keep track of the maximum buffer sizes used and required correctly.

如果您跟踪正确使用和要求的最大缓冲区大小，则可以安全地使用另一类字符串函数。

One way to help doing this in C++ is to use a nice class like StringPiece in Google's RE2 package, which is a pointer and length, where the pointer points into an NTBS. By storing the correct length into the StringPiece once, the class can then track the length of various operations. You can write such a class yourself. Doing this will not make your code correct but it will isolatethe critical spots (namely, getting the arguments to the constructor right).

在 C++ 中帮助这样做的一种方法是在 Google 的 RE2 包中使用一个像 StringPiece 这样的好类，它是一个指针和长度，指针指向一个 NTBS。通过一次将正确的长度存储到 StringPiece 中，该类可以跟踪各种操作的长度。你可以自己写一个这样的类。这样做不会使您的代码正确，但会隔离关键点（即，正确获取构造函数的参数）。

In this case, encapsulation is your friend.

在这种情况下，封装是您的朋友。

The standard C functions to convert between multibyte and wide characters are available: mbtowc(), mbstowcs(), wctomb(), wcstombs()and so on.

标准的C语言函数之间的多字节和宽字符可用转换：mbtowc()，mbstowcs()，wctomb()，wcstombs()等等。