In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-15 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly explains "what are the high-risk functions of C++", interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn what are the high-risk functions of C++.
1.gets-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*fgets (char* dest, int n, stdin)
The premise is that we must know that n must be less than the size of the dest to ensure that the dest ends with 0 after the function is executed. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
Fgets (dest,MAX_SIZE-1,stdin)
.
2._getws-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using wchar_t*fgetws (wchar_t* dest, int n, stdin)
The premise is that we must know that n must be less than the size of the dest to ensure that the dest ends with 0 after the function is executed. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
Wmemset (dest,0,MAX_SIZE)
Fgetws (dest,MAX_SIZE-1,stdin)
.
3._getts-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using TCHAR * fgetts (TCHAR * dest, int n, stdin)
The premise is that we must know that n must be less than the size of the dest to ensure that the dest ends with 0 after the function is executed. Otherwise, it will still lead to unpredictable results.
Example:
.
TCHAR dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE*sizeof (TCHAR))
Fgetts (dest,MAX_SIZE-1,stdin)
.
4.strcpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*strncpy (char* dest, const char* src, size_t n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
.
Memset (dest,0,MAX_SIZE)
Strncpy (dest,src,MAX_SIZE-1)
.
5.lstrcpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using LPTSTRlstrcpyn (LPTSTR dest, LPCTSTR src, int n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Also note that the function lstrcpyn automatically fills 0 in bit n-1, regardless of whether there is valid data in bit n-1.
Example:
.
Char dest[MAX _ SIZE]
.
Lstrcpyn (dest,src,MAX_SIZE)
.
6.lstrcpyA-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using LPTSTRlstrcpyn (LPTSTR dest, LPCTSTR src, int n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Also note that the function lstrcpyn automatically fills 0 in bit n-1, regardless of whether there is valid data in bit n-1.
Example:
.
Char dest[MAX _ SIZE]
.
Lstrcpyn (dest,src,MAX_SIZE)
.
7.lstrcpyW-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using wchar_t*wcsncpy (wchar_t* dest, const wchar_t* src,size_t n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
.
Wmemset (dest,0,MAX_SIZE)
Wcsncpy (dest,src,MAX_SIZE-1)
.
8.wcscpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using wchar_t*wcsncpy (wchar_t* dest, const wchar_t* src,size_t n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
.
Wmemset (dest,0,MAX_SIZE)
Wcsncpy (dest,src,MAX_SIZE-1)
.
9._tcscpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using TCHAR*tcsncpy (TCHAR* dest, const TCHAR* src, size_tn)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
TCHAR dest[MAX _ SIZE]
.
Memset (dest,0,MAX_SIZE*sizeof (TCHAR))
Tcsncpy (dest,src,MAX_SIZE-1)
.
10._ftcscpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*_ftcsncpy (char* dest,const char* src, unsignedint n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
.
Memset (dest,0,MAX_SIZE)
_ ftcsncpy (dest,src,MAX_SIZE-1k)
.
11.StrCpy-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*strncpy (char* dest, const char* src, size_t n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
.
Memset (dest,0,MAX_SIZE)
Strncpy (dest,src,MAX_SIZE-1)
.
12.strcat-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*strncat (char* dest, const char* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
.
Strncat (dest,src,MAX_SIZE-strlen (dest)-1)
.
13.wcscat-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using wchar_t*wcsncat (wchar_t* dest, const wchar_t* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
Wmemset (dest,0,MAX_SIZE)
.
Wcsncat (dest,src,MAX_SIZE-wcslen (dest)-1)
.
14._mbscat-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using unsigned char* _ mbsncat (unsigned char*dest,constunsigned char* src, size_t n)
The premise is that we must know the size of the target cache dest and the length of the source cache src. Dest is first assigned with a value of 0 to ensure that it ends with 0. Otherwise, it will still lead to unpredictable results.
Example:
.
Unsigned char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
.
_ mbsncat (dest,src,MAX_SIZE-strlen (dest)-1)
.
15._tcscat-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*_tcsncat (char* dest, const char* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
.
_ tcsncat (dest,src,MAX_SIZE-strlen (dest)-1)
.
16.StrCat-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*strncat (char* dest, const char* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
.
Strncat (dest,src,MAX_SIZE-strlen (dest)-1)
.
17.StrCatA-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using char*strncat (char* dest, const char* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
.
Strncat (dest,src,MAX_SIZE-strlen (dest)-1)
.
18.StrCatW-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using wchar_t*wcsncat (wchar_t* dest, const wchar_t* src,size_t n)
The premise is that we must know the remaining size of the target cache dest and the length of the source cache src, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_t dest[MAX _ SIZE]
Wmemset (dest,0,MAX_SIZE)
.
Wcsncat (dest,src,MAX_SIZE-wcslen (dest)-1)
.
19.sprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using int _ snprintf (char* dest,size_t n, const char*format [, argument...])
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
_ snprintf (dest,MAX_SIZE-1,formatstring,args)
.
20.wsprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using intwnsprintf (LPTSTR dest, int n, LPCTSTR pszFmt)
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
Wnsprintf (dest,MAX_SIZE-1,pszFmt)
.
21.wsprintfA-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using intwnsprintf (LPTSTR dest, int n, LPCTSTR pszFmt)
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
Wnsprintf (dest,MAX_SIZE-1,pszFmt)
.
22.wsprintfW-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using intwnsprintf (LPTSTR dest, int n, LPCTSTR pszFmt)
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
Wnsprintf (dest,MAX_SIZE-1,pszFmt)
.
23.vsprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using int_vsnprintf (char* dest, size_t n, const char*format, va_list argptr)
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Char dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE)
_ vsnprintf (dest,MAX_SIZE-1,formatstring,args)
.
24.vswprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using int_vsnwprintf (wchar_t* dest, size_t n, const wchar_t*format, va_list argptr)
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
Wmemset (dest,0,MAX_SIZE)
_ vsnwprintf (dest,MAX_SIZE-1,formatstring,args)
.
25.swprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
Consider using int_snwprintf (wchar_t* dest, size_t n, const wchar_t*format [, argument...])
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
Wchar_ tdest[MAX _ SIZE]
Wmemset (dest,0,MAX_SIZE)
_ snwprintf (dest,MAX_SIZE-1,formatstring,args)
.
26._stprintf-High risk
Danger:
It has no security check and can easily lead to buffer overflow.
Recommendations:
You can consider using int_sntprintf (TCHAR* dest, siez_t NJ Const TCHAR*format [, argument...])
The premise is that we must make it clear that the length of the dest written to the target cache must be less than the size of the dest, and ensure that the dest ends with 0 after the function execution. Otherwise, it will still lead to unpredictable results.
Example:
.
TCHAR dest[MAX _ SIZE]
Memset (dest,0,MAX_SIZE*sizeof (TCHAR))
_ sntprintf (dest,MAX_SIZE-1,pszFmt)
.
At this point, I believe that everyone on the "C++ high-risk functions what are" have a deeper understanding, might as well to the actual operation of it! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
