如何摆脱“不安全"? Visual Studio中的警告/错误(strcpy，sprintf，strdup) [英] How to get rid of "unsafe" warnings / errors in Visual Studio (strcpy, sprintf, strdup)

问题描述

我试图摆脱一些编译器警告，这些警告说strcpy，sprintf等不安全. 我知道为什么它们不安全，但是我想不出以C ++风格修复代码的好方法.

I'm trying to get rid of some compiler warnings that say strcpy, sprintf, etc are unsafe. I get why they're unsafe, but I can't think of a good way to fix the code, in a C++ style.

以下是代码摘录:

extList->names[i]=(char *)malloc(length*sizeof(char));
strcpy(extList->names[i],extName);                     // unsafe
// strncpy(extList->names[i],extName,length);          // also unsafe

这是消息:

C4996:'strcpy':此函数或变量可能是 不安全.考虑改用strcpy_s.要禁用弃用，请使用 _CRT_SECURE_NO_WARNINGS.有关详细信息，请参见在线帮助.

C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.

在不知道要复制的内容长度的情况下，我想不出一种安全的方法来在C ++中复制数据. 我知道这里有strlen()，但这也不安全，因为它假设(可能是错误地)假设数据以null结尾.

I can't think of a safe way to copy the data over in C++ without knowing the length of the stuff to copy. I know there's strlen(), but that's also unsafe since it assumes (maybe incorrectly) that the data is null-terminated.

也:

// used to concatenate:
sprintf(extStr,"%s%s",platExtStr,glExtStr);

C4996:'sprintf':此函数或变量可能不安全.考虑 而是使用sprintf_s.要禁用弃用，请使用 _CRT_SECURE_NO_WARNINGS.有关详细信息，请参见在线帮助.

C4996: 'sprintf': This function or variable may be unsafe. Consider using sprintf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.

使用std :: string进行连接很容易，但是随后我需要以某种方式将数据获取到extStr中(而不是使用strcpy，lol). string :: c_str()函数返回一个指向不可修改数据的指针，因此我不能仅将extStr设置为等于它. (而且我什至不确定c_str()指针是否需要稍后调用它的delete?它是否使用"new"分配空间?)

Using std::string to concatenate is easy enough, but then I need to get the data into extStr somehow (and not using strcpy, lol). The string::c_str() function returns a pointer to un-modifiable data, so I can't just set extStr equal to it. (And I'm not even sure if the c_str() pointer needs delete called on it later? Does it allocate space using "new"?)

对这个东西有什么建议吗? 这是10,000行文件的一部分，这不是我的文件，所以我不太想用C ++方式重写它.

Any advice on this stuff? This is part of a 10,000 line file that's not mine... so I'm not exactly keen on re-writing the thing in the C++ way.

推荐答案

您实际上并不需要编译指示来禁用它们.

You don't really need pragmas to disable them.

对于win32/msvc，在ProjectProperties->配置属性-> C/C ++-> Preprocessor-> Preprocessor Definitions中，添加以下宏:

For win32/msvc, in ProjectProperties -> Configuration Properties -> C/C++ -> Preprocessor -> Preprocessor Definitions, add following macros:

_CRT_SECURE_NO_DEPRECATE  
_CRT_NONSTDC_NO_DEPRECATE

或者您可以在命令行参数中传递(-D_CRT_SECURE_NO_DEPRECATE).您可能可以在某些* .cpp文件的开头#define它们. 另外，它们可能更多(请参阅crtdefs.h-看起来有很多...).这些警告通常会告诉您可以使用哪些宏禁用它们-只需读取编译器输出即可.

Or you can pass thos in command line parameters (-D_CRT_SECURE_NO_DEPRECATE). You can probably #define them at the beginning of certain *.cpp files. Also, there are probably more of them (see crtdefs.h - looks like there are a lot of them...). Those kind of warnings normally tell you with which macros you can disable them - just read compiler output.

这篇关于如何摆脱“不安全"? Visual Studio中的警告/错误(strcpy，sprintf，strdup)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！