Safe string in window

最新推荐文章于 2022-03-29 20:52:41 发布
最新推荐文章于 2022-03-29 20:52:41 发布
阅读量693 收藏
点赞数
分类专栏: Window 文章标签: c

http://msdn.microsoft.com/en-us/library/windows/desktop/ms647466(v=vs.85).aspx

About Strsafe.h

            3 out of 16 rated this helpful - Rate this topic                         

Poor buffer handling is implicated in many security issues that involve buffer overruns. The functions defined in Strsafe.h provide additional processing for proper buffer handling in your code. For this reason, they are intended to replace their built-in C/C++ counterparts as well as specific Windows implementations. Strsafe.h is available in the Windows SDK starting with Windows XP with Service Pack 2 (SP2).

The advantages of the Strsafe functions include:

  • The size of the destination buffer is always provided to the function to ensure that the function does not write past the end of the buffer.

  • Buffers are guaranteed to be null-terminated, even if the operation truncates the intended result.

  • All functions return an HRESULT value, with only one possible success code (S_OK).

  • Each function is available in a corresponding character count ("cch") or byte count ("cb") version.

  • Most functions have an extended ("Ex") version available for advanced functionality.

See the following sections for details.

Character Count Functions

The following functions use a character count rather than a byte count.

FunctionReplaces
StringCchCat StringCchCatEx
strcat, wcscat, _tcsat lstrcat StrCat StrCatBuff
StringCchCatN StringCchCatNEx
strncat StrNCat
StringCchCopy StringCchCopyEx
strcpy, wcscpy, _tcscpy lstrcpy StrCpy
StringCchCopyN StringCchCopyNEx
strncpy, wcsncpy, _tcsncpy
StringCchGets StringCchGetsEx
gets, _getws, _getts
StringCchPrintf StringCchPrintfEx
sprintf, swprintf, _stprintf wsprintf wnsprintf _snprintf, _snwprintf, _sntprintf
StringCchVPrintf StringCchVPrintfEx
vsprintf, vswprintf, _vstprintf vsnprintf, _vsnwprintf, _vsntprintf wvsprintf wvnsprintf
StringCchLength
strlen, wcslen, _tcslen

 

Byte Count Functions

The following functions use a byte count rather than a character count.

FunctionReplaces
StringCbCat StringCbCatEx
strcat, wcscat, _tcsat lstrcat StrCat StrCatBuff
StringCbCatN StringCbCatNEx
strncat StrNCat
StringCbCopy StringCbCopyEx
strcpy, wcscpy, _tcscpy lstrcpy StrCpy
StringCbCopyN StringCbCopyNEx
strncpy, wcsncpy, _tcsncpy
StringCbGets StringCbGetsEx
gets, _getws, _getts
StringCbPrintf StringCbPrintfEx
sprintf, swprintf, _stprintf wsprintf wnsprintf _snprintf, _snwprintf, _sntprintf
StringCbVPrintf StringCbVPrintfEx
vsprintf, vswprintf, _vstprintf vsnprintf, _vsnwprintf, _vsntprintf wvsprintf wvnsprintf
StringCbLength
strlen, wcslen, _tcslen

 

Using Strsafe.h

  • To use the Strsafe functions inline, include the header file as shown here, following the #include statements for all other header files.

    #include <strsafe.h>

  • To use the functions in library form, include the following statement before including Strsafe.h. However, it is recommended that you use the inline functions.

    #define STRSAFE_LIB

    Note  : The following functions must be used as inline functions: StringCbGets, StringCbGetsEx, StringCchGets, and StringCchGetsEx.

  • When you include Strsafe.h in your file, the older functions replaced by the Strsafe.h functions will be deprecated. Attempts to use these older functions will result in a compiler error telling you to use the newer functions. If you want to override this behavior, include the following statement before including Strsafe.h.

    #define STRSAFE_NO_DEPRECATE

  • To allow only character count functions, include the following statement before including Strsafe.h.

    #define STRSAFE_NO_CB_FUNCTIONS

  • To allow only byte count functions, include the following statement before including Strsafe.h.

    #define STRSAFE_NO_CCH_FUNCTIONS

    Note  You can define STRSAFE_NO_CB_FUNCTIONS or STRSAFE_NO_CCH_FUNCTIONS, but not both.

  • The maximum supported string length is 2,147,483,647 (STRSAFE_MAX_CCH) characters, either ANSI or Unicode.

 

vingo888
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Joomla! 1.5 Development Cookbook.pdf
08-14
Replacing occurrences of a UTF-8 string in a UTF-8 string 143 Accessing characters in a UTF-8 string by position 145 This material is copyright and is licensed for the sole use by Vadim Kudria on 4...
Cannot open include file: ‘specstrings.h‘
qq_41490873的博客
07-31 679
在编译驱动程序出现这个错误的处理办法: 把 C:\WINDDK\3790.1830\inc\wxp\ specstrings.h 这个头文件 复制到路径 C:\WINDDK\3790.1830\inc\wxp 文件夹里面就可以编译了. 注意:C:\WINDDK\ 是自己安装ddk的路径
#error : Need to include strsafe.h after tchar.h
02-24 2636
编译包含DirectX9的程序时,报fatal error C1189: #error : Need to include strsafe.h after tchar.h 错误。修改方法: 在#include 之前增加以下头文件: #include #include
Strsafe.h:更安全的C语言字符串处理函数
weixin_33701617的博客
03-20 177
作者:Michael Howard原文出处:Strsafe.h: Safer String Handling in C   在微软公司举行的Microsoft Windows Security Push 活动期间,一批测试者、程序管理经理和普通程序员共同决定要为 C 语言量身定制一套具有较高安全性的字符串处理函数,并且希望这些函数能被 Windows 程序员和微软公司内部的程序员所采用。简单说来...
Need to include strsafe.h after tchar.h
看写写
03-10 1593
把tcahr.h 放到所有#include 的前面
饿了么最新秋招笔试题前端试题.docx
12-08
知识点:window.alert()、setTimeout()、addEventListener和String对象 window.alert()是一个同步方法,会阻塞脚本的执行。setTimeout(foo, 0)这行代码不能等价替换为 foo()。在addEventListener的处理方法中使用...
python3.6.5参考手册 chm
04-15
PEP 442: Safe Object Finalization PEP 456: Secure and Interchangeable Hash Algorithm PEP 436: Argument Clinic Other Build and C API Changes Other Improvements Significant Optimizations ...
EurekaLog_7.5.0.0_Enterprise
11-15
22)..Fixed: Taking screenshot of minimized window 23)..Fixed: NT service may not log all exceptions 24)..Fixed: SSL port number for Bugzilla 25)..Fixed: Disabling "Activate Exception Filters" option ...
android 与js交互
05-22
你需要在AndroidManifest.xml中启用`android.webkit.WebViewFeature.JAVASCRIPT_CAN_ACCESS_CLIPBOARD`或`android.webkit.WebViewFeature.JAVASCRIPT_INTERFACE_OBJECTS_SAFE`特性,或者使用更低版本的API。...
strsafe.h.zip
07-27
3个版本的strsafe.h
strsafe.rar
03-06
3个版本的strsafe.h strsafe.h specstrings.h stdarg.h strsafe.lib
c++ Include头文件资源包
08-10
收集整理得到的C++\C头文件资源包,包含470个文件,比较常见的Windows.h、Winnt.h、Specstrings.h等头文件均有包含
fastFDS安装包及win下客户端安装包
06-25
依赖包包括libfastcommon-master+FastDFS_v5.08.tar+VCForPython27+fdfs_client-py-1.2.6-jj 1、解决Windows下安装FastDFS报 Microsoft Visual C++ 9.0 is required Unable to find vcvarsall.bat 问题 2、解决Windows下安装FastDFS报 fdfs_client/sendfilemodule.c(53) fatal error C1189: #error : platfom not supported 问题,fdfs_client-py-1.2.6-jj 安装包已经修改过, 使用python setup.py install 安装
strsafe.h的include次序问题
weixin_41275864的博客
03-29 215
strsafe.h不能在windows.h, tchar.h, 包括很多C++的头文件,比如<map>,之前被include。否则编译的时候就会报windows.h, tchar.h, winbase.h...这些头文件中定义错误,或是重复定义。 所以,安全的做法是: 1. 在cpp文件中include <strsafe.h>,因为一般要include这个文件,都是要使用StringCch*函数,这些函数的使用一般都是在cpp中。 2. 在include的时候,要让strsaf
vs2010出现编译错误 fatal error C1189: #error : Need to include strsafe.h after tchar.h
射击与移动
09-22 5804
问题:vs2010出现编译错误 fatal error C1189: #error :  Need to include strsafe.h after tchar.h 解决办法: 在include之前增加 #include #include
vs2010出现编译错误 fatal error C1189: #error : Need to include strsafe.h after tchar.h
qq_27278957的博客
12-03 2029
简述 vs2010出现编译错误 fatal error C1189: #error : Need to include strsafe.h after tchar.h 解决方法 在头文件中最上边加上 #include "windows.h" #include &lt;tchar.h&gt;
关于vc6++编译DDK驱动出现的问题fatal error C1083: Cannot open include file: 'specstrings.h': No such file or dir
u014288349的博客
03-01 3546
在vc6++ INCLUDE加入此路径D:\WINDDK\3790.1830\INC\CRT
Name node is in safe mode.
最新发布
09-07
Name node is in safe mode是指HDFS中的NameNode处于安全模式。安全模式是在系统启动时检查各个DataNode上数据块的有效性的一种模式。在安全模式下,文件系统中的内容不允许修改或删除,直到安全模式结束。 当开启...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值