1. Begin to think of the text string as an array of characters rather than a char or byte array.
2. Use generics (such as TCHAR/PTSTR) for text characters and strings.
3. Use explicit data types (byte and pbyte) for byte, byte pointers, and data buffers.
4. Use text or _t macros for literal characters and strings, but for consistency and better readability,
Avoid mixing them.
5. Perform a global substitution. (for example, replace PSTR with PTSTR).
6. Modify the string arithmetic problem. For example, a function often wants you to pass the number of characters to its buffer, not the number of bytes.
This means that you should pass in _countof (szbuffer) instead of sizeof (szbuffer).
Also, if you need to allocate a block of memory to a string and know the number of characters in the string, remember that memory is allocated in bytes.
This means that you must call malloc (Ncharacters*sizeof (TCHAR)) instead of calling malloc (Ncharacters).
In all the basic guidelines listed earlier, this is one of the hardest to remember, and if there is an error, the compiler will not provide any warnings or error messages.
Therefore, it is better to define a macro to avoid making mistakes:
#define Chmalloc (ncharacters) (tchar*) malloc (ncharacters * sizeof (TCHAR))
7. Avoid using the functions of the printf system, especially if you do not use the%s and%s field types for the conversion between ANSI and string.
The correct approach is to use the MultiByteToWideChar and WideCharToMultiByte functions.
8. The UNICODE and _unicode symbols are either specified, or none are specified.
For string processing functions, the following guidelines are available:
1. Always use secure string handling functions, such as those with the suffix _s, or the prefix stringcch.
The latter is primarily used when you want to explicitly control truncation, and if you do not want to explicitly control truncation, the former is preferred.
2. Do not use unsafe C run-Library string processing functions.
In general, any buffer processing routine that you use or implement must obtain the length of the target buffer as a parameter.
The C Runtime Library provides a series of buffer handling substitution functions, such as memcpy_s,memmove_s,wmemcpy_s or wmemmove_s.
All of these methods are available as long as the __stdc_want_secure_lib__ symbol is defined, and this symbol is defined by default CrtDefs.h.
Therefore, do not undef the _stdc_want_secure_lib__.
3. Use the/GS and/RTCS compiler flags to automatically detect buffer overflows.
4. Do not use the Kernel32 method for string processing, such as Lstrcat and lstrcpy.
5. In our code, we need to compare two types of strings. Where the string for the programming class includes the file name, path, XML element/attribute, registry key/value, and so on.
For these strings, you should use comparestringordinal to compare them.
Because it is very fast and does not take into account the user's locale settings. This is perfectly reasonable.
Because no matter where the program is running in the world, this string is immutable.
User strings are typically displayed on the user interface. For these strings, you should use CompareString (Ex) to compare them.
Because when comparing strings, it takes into account the user's locale settings.
Some tips for working with ANSI and Unicode strings under Windows