Visual Studio 2015中的安全功能
[英]Safe functions in visual studio 2015
问题描述
While coding C under windows,visual studio 2015,I found my self forced to amend my code due to the deprecated functions,by adding a second parameter,and of course using a safe function(eg ending with _s). 
在Visual Studio 2015的Windows下的Windows下对C进行编码时,我发现由于不推荐使用的功能,我不得不修改自己的代码,方法是添加第二个参数,当然还要使用安全功能(例如,以_s结尾)。
I was wondering,do these functions exist in the C standard library,and will i be able to compile them with a C compiler if I transfer them to my linux partition? 我想知道,这些功能是否存在于C标准库中,如果将它们转移到linux分区中,是否可以使用C编译器进行编译?
My concern arose when i was writing a string flip about an offset function: 当我编写有关偏移函数的字符串翻转时,引起了我的担忧:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
char *flipstr(char *str, size_t size, size_t offset);
int main(int , char **)
{
char str[] = "JonSon";
char *p = flipstr(str, sizeof(str), 3);
if (p) {
printf("%s\n", p);
}
return 0;
}
char *flipstr(char *str, size_t size, size_t offset)
{
if (offset > strlen(str)) {
return NULL;
}
char *tmp = (char *)calloc(size, sizeof(char));
strncpy_s(tmp, size, str, offset);
memmove(str, str + offset, strlen(str + offset));
memcpy(str + strlen(str + offset), tmp, strlen(tmp));
free(tmp);
return str;
}
2 个解决方案
解决方案1
5 已采纳 2016-05-26 11:35:09
No, most of them aren't standard and you shouldn't use them just because somebody in Microsoft decided to "deprecate" half the standard library in favor of their non-standard extensions. 不,它们大多数不是标准的,您不应仅仅因为Microsoft中的某人决定“弃用”一半的标准库以支持其非标准扩展而使用它们。 Sure, there is some justification of what they did, but in the end it's simply ridiculous. 当然,他们的所作所为有一定道理,但最终这简直太荒谬了。 You are better to disable the warnings and write a portable C/C++. 最好禁用警告并编写可移植的C / C ++。
解决方案2
0 2016-05-26 11:49:31
There are several issues here... 这里有几个问题...
First of all, there is nothing wrong with using strcpy , that's a myth. 首先, 使用strcpy并没有错 ,这是一个神话。 And it is not deprecated, that's just Microsoft gaga. 它并不被弃用,那只是微软的加加。
Second, strncpy was never intended to be a safe version of strcpy . 第二, strncpy从来都不是strcpy的安全版本 。 It was never intended to be used for anything but an old, non-standard string format in ancient Unix. 它从来没有打算用于古代Unix中的旧的,非标准的字符串格式。
Third, strncpy is unsafe and dangerous. 第三, strncpy是不安全和危险的。 See this and this . 看到这个和这个 。 Plenty of blogs about this to be found. 关于此的大量博客都可以找到。
So forget about strncpy , and consequently, also forget about strncpy_s . 因此,忘记了strncpy ,因此也忘记了strncpy_s 。 There is actually a function called strncpy_s in the C11 bounds-checking interface (which isn't mandatory for compilers to implement). 实际上,C11边界检查接口中有一个名为strncpy_s的函数(编译器无需强制实现)。
If this C11 standard function is fully compatible with non-standard Microsoft junk functions with the same name, I have no idea. 如果此C11标准功能与具有相同名称的非标准Microsoft垃圾功能完全兼容,我也不知道。 I wouldn't count on it. 我不会指望它。 But since Visual Studio 2015 is an ancient compiler from the early 90s, C11 is not something you can use anyhow. 但是由于Visual Studio 2015是90年代初期的古老编译器,因此无论如何都不能使用C11。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.