tr24731

问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 3 years ago . Improve this question What is unsafe with fopen that's more safe with fopen_s ? How can fopen be used in a safe way (if possible)? (I don't want to know how to suppress the warning - there are enough stackoverflow articles that answer that question) Edit: Question was closed

问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 3 years ago . Improve this question What is unsafe with fopen that's more safe with fopen_s ? How can fopen be used in a safe way (if possible)? (I don't want to know how to suppress the warning - there are enough stackoverflow articles that answer that question) Edit: Question was closed

问题 Since a quick Google search did not find anything, I will try to ask here (since many people involved in gcc/clang hang around here) - What is the status of __STDC_LIB_EXT1__ in gcc/clang? We are developing a cross platform applicataion and I wanted to use some of the safe bounds checking functions from <stdio.h> (which by miracle are available on Visual Studio 2017), but could not compile the code with Xcode 9.2. I assumed maybe the clang version Xcode uses is outdated, but gcc 6.3.0 on

问题 I'm trying to find which header to include for strerrorlen_s function from C11 standard under MSVC 2017 . I need it for allocating space for error message which to get with strerror_s . The code is the following: auto size = strerrorlen_s(errno) + 1; char* errorReason = (char*)alloca(size); strerror_s(errorReason, size, errno); std::ostringstream oss; oss << "Cannot open: " << fileName << " Reason: " << errorReason; throw std::runtime_error(oss.str()); In the documentation are the following

问题 I'm working on legacy code for Windows platform. When I compile the code in VS2013 , it give following warning: error C4996: ' fopen ': This function or variable may be unsafe. Consider using fopen_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details." And it will also give samiliar warning for sprintf . I understand sprintf_s is more safe than sprintf because of buffer overflow. But how can be fopen_s be more safe than fopen , there is no chance of

问题 The following code causes an error and kills my application. It makes sense as the buffer is only 10 bytes long and the text is 22 bytes long (buffer overflow). char buffer[10]; int length = sprintf_s( buffer, 10, "1234567890.1234567890." ); How do I catch this error so I can report it instead of crashing my application? Edit: After reading the comments below I went with _snprintf_s. If it returns a -1 value then the buffer was not updated. length = _snprintf_s( buffer, 10, 9, "123456789" );

问题 Using the function strcpy in MS Visual Studio gives me an error saying I should use strcpy_s which is safer to use. Is strcpy_s part of the C++ standard? Or is it only part of Microsoft Visual C++? Will code containing strcpy_s only compile in Visual Studio? 回答1: strcpy_s() is an optional part of C11 (more formally called a "conditional feature". Implementations are permitted to not implement the "Bounds-checking interfaces" standardized in Annex K. Some other conditional features of C11

问题 Here is my dead simple dummy code: #include <errno.h> int main(void) { errno_t e; return 0; } Which surprisingly raises this error: main.c:5:5: error: use of undeclared identifier 'errno_t' errno_t x; ^ I started to follow the traces : when the compiler sees the <...> inclusions it will first look at /usr/include where of course I found errno.h file. Actually it has a single line in it, besides the license comment, which is: #include <sys/errno.h> Now, at /usr/include/sys in errno.h I found

问题 I have a C++11 project, and I added some strcpy_s method calls. This works on windows, but when compiling on gcc, there is an error stating that strcpy_s symbol is not found. I did add the line #define __STDC_WANT_LIB_EXT1__ 1 to the code, to no avail. 回答1: GCC (or rather, glibc) does not support strcpy_s() and friends. For some ideas on where you can find a library which does support them, see here: Are there any free implementations of strcpy_s and/or TR24731-1? 回答2: strcpy_s and friends

问题 _s functions, such as scanf_s , printf_s seems to be optional standard. MSVC has implemented these functions, but gcc hasn't. Is there specific reason for not implementing secure functions? Is scanf of gcc secure enough? 回答1: The _s functions are optional (Annex K of the C11 standard). They're widely regarded as 'not very beneficial'. In the answers to my question Do you use the TR-24731 "safe" functions?, you can find information about where there are problems with the standard specification