Strings in Windows programming

(1) In Win32 programming, how to use the string type

#include <string>using namespace std;

LPTSTR lpcmdline = L "Hello World";
string cmd = lpCmdLine;

(2) Character formatting basics:

Traditional ANSI characters are represented in the C language with the Char data type (1 bytes). When a string is declared in the source code, the compiler converts to an array of 8-bit char data types (ending with "/0")

Char c= ' a ';//a 8-bit character

Char szbuffer[100]= "a string";//An array containing 99 8-bit characters and a 8-bit terminator (/0)

Microsoft's C + + compiler defines a built-in data structure for Unicode, wchar_t, which represents a 16-bit Unicode (UTF-16) character.

wchar_t c=l ' a ';//A 16-bit character

wchar_t szbuffer[100]=l "a string";//An array containing 99 16-bit characters and a 16-bit terminator (/0)

string comparison function:

if (_stricmp ("Hello World", cmd.c_str ()) = = 0) {}

LSTRCMP a case-sensitive comparison of two strings
Lstrcmpi a case-insensitive comparison of two strings

(3) safe string handling functions in the C Runtime library

Typically, a function that modifies a string has a security risk that the buffer of the target string is not large enough to cause the data in memory to be corrupted.

For example:

WCHAR szbuffer[3]=l "";

wcscpy (szbuffer,l "abc");

The above example is the end of 0, need szbuffer[4] to be able to accommodate. However, there will be no errors or warnings at compile time.

For the above problem, we must use the "secure string handler function", this kind of function with _s end (secure meaning), we look at this kind of function prototype.

Ptstr _tcscpy (ptstr strdestination,pctstr strsource);

errno_t _tcscpy_s (ptstr strdestination,size_t numberofcharacters, Pctstr strsource);

Ptstr _tcscat (ptstr strdestination,pctstr strsource);

errno_t _tcscat_s (ptstr strdestination,size_t numberofcharacters, Pctstr strsource);

As you can see, when you use a buffer as the target buffer, you must provide the size of the buffer (the number of characters that can be accommodated), which is calculated by calling the _countof macro.

The primary task of this buffer size parameter is to verify that the buffer is large enough to hold the resulting data.

Now, when we call these security functions, we can check the returned errno_t value. Only the S_OK value is returned to indicate that the function call was successful. The other values can be referenced in the definition in errno.h.

Take a look at an example:

TCHAR szbuffer[3]=l "";

_tcscpy_s (Szbuffer,_countof (szbuffer), _t ("abc"));

After execution, the first character of Szbuffer is set to '/0 ', while all other bytes are set to 0xfd (padding).

(4) C runtime added functions: controlling how strings are truncated

This type of function has two versions, corresponding to ANSI and Unicode.

HRESULT StringCchCat (LPTSTR pszdest,size_t cchdest,lpctstr pszsrc); HRESULT Stringcchcatex (LPTSTR pszdest,size_t cchdest, LPCTSTR pszsrc,lptstr *ppszdestend,size_t *pcchremaining,dword DwFlags); HRESULT stringcchcopy (LPTSTR pszdest,size_t cchdest, LPCTSTR pszsrc); HRESULT Stringcchcopyex (LPTSTR pszdest,size_t cchdest, LPCTSTR pszsrc, LPTSTR *ppszdestend,size_t *pcchremaining,dword DwFlags);

As you can see, in the names of all methods, there is a "Cch", which represents count of characters, which is the number of characters. Typically obtained using _countof macros.

There are also functions that contain "CB", which means that the function requires the size to be specified by the number of bytes. Usually obtained using sizeof ().

These functions return HRESULT, the specific value

S_OK	Success. The destination buffer contains the source string and terminates with/0
Strsafe_e_invalid_parameter	Failed. Null was passed to a parameter
Strsafe_e_insufficient_buffer	Failed. The specified target buffer is too small to hold the entire source string

Unlike secure string handlers, when such a function runs, truncation is performed when the buffer is too small.

(5) Windows string processing function

The shlwapi.h defines a number of useful string functions that can be used to format operating system-related values.

For example, compare two strings for equality: You can use CompareString (Ex) or comparestringordinal for such a requirement.

CompareString (Ex) is typically used to display a string to the user.

Comparestringordinal are typically used to compare strings inside a program, such as path names, registry key values, and so on .

CompareString (EX) has a slower processing speed than comparestringordinal.

The return of these two functions is 0, which means that the call fails;

Return 1 (Cstr_less_than) indicates that string1 is less than string2;

Return 2 (Cstr_greater_than) indicates that string1 is greater than string2.

(6) recommended character handling methods

1. Use common data types and macros, such as TCHAR and _t

2. Think of the string as an array of characters rather than a char or byte array.

3. String-related calculations need to be modified. In particular, it is important to understand that many of the functions require the passing of a number of characters or bytes, as the former is obtained with _countof (), and, in the latter case, with (character number *sizeof (character type)).

4. Avoid converting ANSI and Unicode using the printf series functions. The correct approach is to use MultiByteToWideChar or WideCharToMultiByte.

5. Always use a secure string handler, _s or STRINGCCH, and use the latter if you want to control truncation.

6. Avoid using a buffer handler if the length of the target buffer is not included in the parameters of the function.

7. When comparing strings, use Comparestringordina and CompareString (Ex). The former is fast and suitable for handling strings inside the program, which is used to handle UI strings because it is appropriately sorted by locale and is slower.

　

Transfer from http://blog.csdn.net/shentao17792/article/details/5314312

Strings in Windows programming