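Code sec1:
#include <cstdio>
#include <cstring>
#include <iostream>
using namespace std;

int main()
{
    char cp[] = "hello";
    char *c = new char[strlen(cp) + 1];  // 6 bytes, contents uninitialized
    cout << strlen(c) << endl;           // scans to the first '\0' it finds, not the buffer size
    printf("%p\n", (void *)c);           // address of the buffer
    strcpy_s(c, strlen(c), cp);          // BUG discussed below: size taken from strlen(c)
    cout << c << endl;                   // print before the buffer is freed
    delete[] c;
    return 0;
}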
Result:
HEAP CORRUPTION DETECTED
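Analysis: a '\0' does not appear until the 25th byte, so strlen returns a length of 24. In MSVC debug builds, strcpy_s first fills the destination with 0xFE up to the size it is given, so passing 24 for a 6-byte allocation overwrites the bytes that follow the buffer.
Summary: strlen determines the length of a string by looking for '\0', so the second argument of strcpy_s should be changed to strlen(cp)+1.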
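The sizing rule from the summary, as an added example that is not part of the original note: the capacity is recorded when the buffer is allocated and is never measured from the destination. `bounded_copy`, `OwnedBuf` and `copy_into_new_buffer` are hypothetical names, and `bounded_copy` is a portable stand-in for `strcpy_s`, not the MSVC function itself.

```cpp
#include <cerrno>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <memory>
#include <string>

// Hypothetical portable stand-in for strcpy_s (not the MSVC function).
// Copies src only if the text plus its '\0' fits in dest_cap bytes.
// Returns 0, EINVAL (bad arguments) or ERANGE (buffer too small); on
// ERANGE dest becomes the empty string instead of a truncated one.
int bounded_copy(char *dest, std::size_t dest_cap, const char *src) {
    if (dest == nullptr || dest_cap == 0) return EINVAL;
    if (src == nullptr) { dest[0] = '\0'; return EINVAL; }
    const std::size_t need = std::strlen(src) + 1;  // characters + '\0'
    if (need > dest_cap) { dest[0] = '\0'; return ERANGE; }
    std::memcpy(dest, src, need);
    return 0;
}

// Heap buffer that records its own capacity at allocation time, so the
// size handed to the copy is never measured from the destination bytes.
struct OwnedBuf {
    std::size_t cap;
    std::unique_ptr<char[]> data;
    // new char[n]() zero-fills: strlen(data) is then 0, still not the capacity.
    explicit OwnedBuf(std::size_t n) : cap(n), data(new char[n]()) {}
};

// Allocates exactly cap bytes and copies src using that capacity.
// Returns the bounded_copy status; out is updated only on success.
int copy_into_new_buffer(const char *src, std::size_t cap, std::string &out) {
    OwnedBuf buf(cap);
    const int rc = bounded_copy(buf.data.get(), buf.cap, src);
    if (rc == 0) out.assign(buf.data.get());
    return rc;
}

int main() {
    const char cp[] = "hello";  // constructed sample input
    std::string out;
    // Correct size from the page's summary: strlen(cp) + 1.
    std::cout << copy_into_new_buffer(cp, std::strlen(cp) + 1, out)
              << " " << out << "\n";
    // One byte short (no room for '\0'): rejected, nothing written past the end.
    std::cout << (copy_into_new_buffer(cp, std::strlen(cp), out) == ERANGE)
              << "\n";
    return 0;
}
```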
The API is attached for reference: