Strsafe.h: More secure C-language string-handling functions

Source: Internet
Author: User

Source: Strsafe.h:safer String Handling in c:http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ Dnsecure/html/strsafe.asp

During Microsoft Windows Security Push activities at Microsoft, a group of testers, program management managers, and ordinary programmers decided to tailor a set of string-handling functions for C to a higher level of safety, and wanted these functions to be available to Windows Used by programmers and programmers within Microsoft.

In short, the existing C-language run-time functions are hard to build on today's hostile attempts to attack the environment. These functions either lack consistency on the return value and parameters, or imply a so-called "truncation error" (Truncation errors) error, or do not provide powerful enough functionality. Frankly, the code that calls these functions is too easy to create a "memory overflow" problem.

We found that classes oriented to C + + programmers were sufficient to handle the programming needs of a variety of secure processing strings; they were able to select MFC's CString classes, ATL CComBSTR classes, or STL string classes, and so on. However, the classic C language program is still ubiquitous, not to mention many people are using C + + as an "improved C language" to use, but the rich C + + class on the shelf.

In fact, you just need to add one line of code, you can invoke the Safe Strsafe series function in the C language code, in detail see:

"Using The Strsafe.h functions": http://msdn.microsoft.com/en-us/library/ms647466.aspx

These new functions are included in a header file and a function library (optional), and both can be found in the newer Platform SDK. Yes, that's simple:

#include "strsafe.h"

What are you waiting for?

Again, the reference to the Strsafe function library is optional.

To achieve the goal of the Strsafe series function, your code must meet the following conditions:

Always ends a string with a NULL character.

Always detects the length of the target buffer.

Always produces a uniform return value with an HRESULT statement.

Both 32-bit and 64-bit operating environment.

With flexibility.

We feel that lack of uniformity is the root cause for many of the existing C-language string processing functions that are vulnerable to security vulnerabilities, and the high uniformity of Strsafe series functions is a good medicine to solve this problem. However, Strsafe is not a panacea. Relying solely on the Strsafe series functions does not guarantee the security and robustness of your code-you also have to start your brain-but that will help solve the problem.

Here's a section of code that uses the classic C language run-time function:

void UnsafeFunc(LPTSTR szPath,DWORD cchPath) {

TCHAR szCWD[MAX_PATH];


GetCurrentDirectory(ARRAYSIZE(szCWD), szCWD);

strncpy(szPath, szCWD, cchPath);

strncat(szPath, TEXT("\\"), cchPath);

strncat(szPath, TEXT("desktop.ini"),cchPath);
}

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.