stdcxx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Farid Zaripov <Farid_Zari...@epam.com>
Subject MSVC8 CRT "Secure Template Overloads" feature and stdcxx
Date Tue, 12 Jun 2007 17:36:25 GMT
  The MSVC8 CRT have the following feature: all  functions, working with 
sting buffers
(i.e. strcpy, strcat, sprintf, ...) have the security-enhanced versions 
with suffix "_s"
(i.e. strcpy_s, strcat_s, sprintf_s, ...). And if #defined macro
_CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES=1
then will be defined template overloads of the such functions, i.e.:

  template <size_t size>
  char *strcpy(char (&dest)[size], const char *src)
  {
     return strcpy_s(dest, size, src);
  }

  So that the following code:

  char szBuf[10];
  strcpy(szBuf, "test");

  will be replaced to:

  char szBuf[10];
  strcpy<10>(szBuf, "test");

  but the following code:

  char *szBuf = new char [10];
  strcpy(szBuf, "test");

  will be leaved as is.

  The full information on this topic here: 
http://msdn2.microsoft.com/en-us/library/ms175759(VS.80).aspx

  I've tried to compile the stdcxx library with defined 
_CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES=1
and _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES_COUNT=1, but the configure 
step has failed to
detect this functions because of the compiler cannot decide which 
function address is taken.

  Here the list of the that functions:

<cstdio>: gets sprintf tmpnam vsprintf
<cstdlib>: div mbstowcs wcstombs
<cstring>: strcat strcpy strncat strncpy
<cwchar>: mbsrtowcs swprintf vswprintf wcrtomb wcscat wcscpy wcsncat 
wcsncpy wcsrtombs

  The div(int, int) function failed to detect because of the presence 
the "extern C++" div(long, long) overload.

  I propose to make changes in headers.inc file to check this functions 
not by takig the address, but by call the functions.

  The proposed patch is attached, but I not sure about passing 0 as 
va_list argument while testing vsprintf() and vswprintf().
 
Farid.


Mime
View raw message