strcpy（）不安全 [英] strcpy() is unsafe

问题描述

我已经尝试了_CRT_SECURE_NO_WARNINGS定义，在包含标题之前的代码中使用_CRT_SECURE_NO_DEPRECATION定义并且弃用允许代码运行但是HMODULE const handle = LoadLibraryExW（name，nullptr，LOAD_LIBRARY_SEARCH_SYSTEM32）
仍然抛出异常  strcpy_s（ps，sizeof（animal），animal）也不起作用。 我正在阅读第158页的第6版C ++ Primer Plus，其中有一个使用指针和字符串的示例。 我确信有一些
程序员已经意识到这个问题。 但这是本书中的代码示例：

#include< iostream>

#include< cstring>



使用std :: cout;

使用std :: endl;

使用std :: cin;
$


int main（）

{

char animal [20] =" bear"; $
const char * bird =" wren" ;;

char * ps;



cout<<动物<< "和";&
cout<<鸟<< " \ n" ;;

// cout<< ps<< " \ n";
$


cout<< "输入一种动物："; $
cin>>动物;

// cin>> ps;
$


ps = animal;

cout<< ps<< "！\ n"; $
cout<< "在使用strcpy（）之前：\ n" ;;

cout<<动物<< "在" << （int *）animal<< endl;

cout<< ps<< "在" << （int *）ps<< endl;
$


ps = new char [strlen（animal）+ 1];

strcpy_s（ps，sizeof（animal），animal）;  &NBSP;   //这就是问题。



cout<< "使用strcpy之后：\ n";;
cout<<动物<< "在" << （int *）animal<< endl;

cout<< ps<< "在" << （int *）ps<< endl;

delete [] ps;

cout<< endl<< "按任意键退出..." << endl;

cin.get（）;

返回0;

}

我只是想确定我是怎么理解的这应该是当前编码的，我在搜索中找到的任何内容都给出了一个很好的答案。

解决方案

< blockquote>

char animal [20] =" bear";


ps = new char [strlen（animal）+ 1];

strcpy_s（ps，sizeof（animal），animal）;  &NBSP;   //这就是问题。

算一算。



这是多少个字符？


strlen（动物）+ 1



这是多少个字符？



sizeof （动物）



如果你在strcpy_s中使用与你在新[]中使用相同大小的话，会发生什么？$ b / b >


strcpy_s（ps，strlen（动物）+ 1，动物）;



- Wayne

I have tried _CRT_SECURE_NO_WARNINGS definition, _CRT_SECURE_NO_DEPRECATION definition in the code prior to including headers and deprecation allowed the code to run but HMODULE const handle = LoadLibraryExW(name, nullptr, LOAD_LIBRARY_SEARCH_SYSTEM32) still threw an exception.  strcpy_s(ps, sizeof(animal), animal) does not work either.  I am working through the 6th edition of C++ Primer Plus on page 158 with an example of the use of pointers and strings.  I am sure there are a few programmers that are aware of the problem.  But here is the code example from the book:

#include <iostream>
#include <cstring>

using std::cout;
using std::endl;
using std::cin;

int main()
{
char animal[20] = "bear";
const char* bird = "wren";
char* ps;

cout << animal << " and ";
cout << bird << "\n";
//cout << ps << "\n";

cout << "Enter a kind of animal: ";
cin >> animal;
//cin >> ps;

ps = animal;
cout << ps << "!\n";
cout << "Before using strcpy():\n";
cout << animal << " at " << (int*)animal << endl;
cout << ps << " at " << (int*)ps << endl;

ps = new char[strlen(animal) + 1];
strcpy_s(ps, sizeof(animal), animal);     // this is the problem.

cout << "After using strcpy:\n";
cout << animal << " at " << (int*)animal << endl;
cout << ps << " at " << (int*)ps << endl;
delete[] ps;
cout << endl << "Press any key to exit..." << endl;
cin.get();
return 0;
}

I am only trying to make sure I understand how this is supposed to be coded currently and nothing I have found in searches has given a good answer.

解决方案

char animal[20] = "bear";

ps = new char[strlen(animal) + 1];
strcpy_s(ps, sizeof(animal), animal);     // this is the problem.

Do the math.

How many characters is this?

strlen(animal) + 1

How many characters is this?

sizeof(animal)

See what happens if you use the same size in the strcpy_s as you used
in the new[]

strcpy_s(ps, strlen(animal) + 1, animal);

- Wayne

这篇关于strcpy（）不安全的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！