为什么的strtok()视为不安全? [英] Why is strtok() Considered Unsafe?
本文介绍了为什么的strtok()视为不安全?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
什么 strtok的
的功能(s)是不安全的(缓冲区溢出而言),我需要注意的?
什么是有点怪我是 strtok_s
(这是安全)在Visual C ++有一个额外的背景参数,但它看起来像它一样在其他方面...是一样的,或者是它实际上有什么不同?
解决方案
与这个文件:
6.7.3.1的strtok_s功能本strtok_s功能修复的两个问题
在strtok的功能:
- 新增参数s1max,prevents从存储的外部strtok_s
字符串被标记化。 (字符串
被分成令牌既是
输入并且由于功能的输出
strtok_s店空字符转换成
该字符串。)
- 的新参数,PTR,消除静态的内部状态
prevents被重入函数strtok
(子条款1.1.12)。 (在ISO / IEC 9899
功能wcstok和ISO / IEC 9945
(POSIX)函数strtok_r解决这个问题
问题相同。)
块引用>What feature(s) of
strtok
is unsafe (in terms of buffer overflow) that I need to watch out for?What's a little weird to me is that
strtok_s
(which is "safe") in Visual C++ has an extra "context" parameter, but it looks like it's the same in other ways... is it the same, or is it actually different?解决方案According with the strtok_s section of this document:
6.7.3.1 The strtok_s function The strtok_s function fixes two problems in the strtok function:
- A new parameter, s1max, prevents strtok_s from storing outside of the string being tokenized. (The string being divided into tokens is both an input and output of the function since strtok_s stores null characters into the string.)
- A new parameter, ptr, eliminates the static internal state that prevents strtok from being re-entrant (Subclause 1.1.12). (The ISO/IEC 9899 function wcstok and the ISO/IEC 9945 (POSIX) function strtok_r fix this problem identically.)
这篇关于为什么的strtok()视为不安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文