Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
382 views
in Technique[技术] by (71.8m points)

c++ - Compiler Error: Function call with parameters that may be unsafe

Got some code that is not mine and its producing this warning atm:

iehtmlwin.cpp(264) : warning C4996: 'std::basic_string<_Elem,_Traits,_Ax>::copy': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
        with
        [
            _Elem=char,
            _Traits=std::char_traits<char>,
            _Ax=std::allocator<char>
        ]
        c:program files (x86)microsoft visual studio 8vcincludexstring(1680) : see declaration of 'std::basic_string<_Elem,_Traits,_Ax>::copy'
        with
        [
            _Elem=char,
            _Traits=std::char_traits<char>,
            _Ax=std::allocator<char>
        ]

this is the code in question:

HRESULT STDMETHODCALLTYPE Read(void __RPC_FAR *pv, ULONG cb, ULONG __RPC_FAR *pcbRead)
    {
        if (prepend.size() > 0)
        {
            int n = min(prepend.size(), cb);
            prepend.copy((char *) pv, n);
            prepend = prepend.substr(n);
            if (pcbRead)
                *pcbRead = n;

            return S_OK;
        };

        int rc = Read((char *) pv, cb);
        if (pcbRead)
            *pcbRead = rc;

        return S_OK;
    };

and the warning refers to the prepend.copy line. I have tried googling the warning but cant work out what it is on about. Can some one help me solve this please.

Visual Studio 2005 SP1 Windows 7 RC1

.

Edit: prepend is a string which is typedefed

typedef basic_string<char, char_traits<char>, allocator<char> > string;
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

The warning is telling you that you risk a buffer overflow if n is too large -- which you know can't happen because of the way you just computed with a min, but the poor commpiler doesn't. I suggest you take the compiler's own advice and use -D_SCL_SECURE_NO_WARNINGS for this one source file...


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...