发表新帖
发表新帖

Alternatives to MS strncpy_s

前端 未结
关注
10 1444
感情败类
感情败类 2020-12-20 20:15

What are some alternatives to the Microsoft security enhanced functions such as strncpy_s or _itoa_s? Although developing in MS environment the goa

相关标签:
10条回答
  • 迷失自我
    2020-12-20 20:51

    Just use strncpy and disable the warning in VC++.

    0 讨论(0)
  • 心在旅途
    2020-12-20 20:52 
    std::string s(Cstring, n);
    0 讨论(0)
  • 刺人心
    2020-12-20 20:52

    You could either provide an own implementation for platforms that don't have this function. Or use a macro to reduce the arguments by one and map to the standard string function.

    0 讨论(0)
  • 天命终不由人
    2020-12-20 20:56

    You may be interested in the Apache Portable Runtime project:

    The mission of the Apache Portable Runtime (APR) project is to create and maintain software libraries that provide a predictable and consistent interface to underlying platform-specific implementations.

    autoconf can also take care of some of these platform-specific differences (by setting #defines, etc), although my experience with it under Windows leaves something to be desired.

    0 讨论(0)
  • 醉话见心
    2020-12-20 21:05

    If you really want to program in C:

    Use the plain old standard strncpy.

    If you're programming in C++:

    Use the plain old standard string class std::string.

    (hint: You probably want the latter. C strings are just bugs waiting to happen, even if you use the "secure" *_s functions. C++ added a string class for a reason)

    0 讨论(0)
  • 滥情空心
    2020-12-20 21:06

    Yes, try the https://rurban.github.io/safeclib/.

    This is the platform independent implementation of the C11 Annex K on top of all libc's. It is mostly compatible to the Windows sec_api. Windows deviates a bit from the spec with some functions.

    strncpy_s is one of the most tricky APIs in the sec_api. Windows does not detect overflow of the two lengths, not an overlap of the two strings. And what to do when the 4th argument count = 0 is also questionable. The spec http://en.cppreference.com/w/c/string/byte/strncpy says A zero return value implies ... that the result in s1 is null terminated, but on windows this is wrong. It just aborts too early. See e.g. the wine implementation: https://github.com/mirror/reactos/blob/master/reactos/lib/sdk/crt/wine/heap.c#L577

    And for the _s secure suffix one should assume that wrongly copied bytes into the destination buffer are cleared from prying eyes when an run-time error occured. Not so on Windows with their sec_api. They just set the very first byte to 0.

    https://github.com/rurban/safeclib/releases

    0 讨论(0)
 看不清?
提交回复
热议问题