Reply To: dll and C question


Michal Vodicka

Yes, strsafe.h is supported and recommended by MS. Citation from the January 2004 MSDN:

During the Microsoft® Windows® Security Push, a group of testers, program managers, and programmers decided to define and create a set of safer string handling functions for the C programming language. The aim was to provide a set of functions that could be used by Windows developers and developers across Microsoft.

Simply put, the existing C-runtime functions are not good enough in light of today’s hostile environment. The current functions have inconsistent return values and parameters, truncation errors, and lack advanced functionality. Frankly, it is too easy to write code with buffer overruns when using the existing functions.

We found that for C++ developers there are plenty of classes available in MFC (CString), ATL (CComBSTR), STL (string), and other class libraries that do string manipulation well. However, a lot of C code still exists today, and many people use C++ as a ‘better C’ and do not use classes.

Enter strsafe (see Using the Strsafe.h Functions), made up of a header file and an optional library, included with newer versions of the Platform SDK. All you need to do to your source code is add one line:

#include "strsafe.h"

And go!

Remember, using the library implementation is optional.

The main requirements when designing strsafe were:

Always NULL-terminate the string.
Always take a destination buffer size.
Always return consistent return codes (an HRESULT).
Support 32-bit and 64-bit environments.

We feel it is a lack of uniformity that makes many existing C runtime string-handling functions susceptible to security errors, and the extra consistency in strsafe should help remedy the problem. Note that strsafe is not a panacea. Simply using the new functions will not make your code secure and robust—you must still engage your brain—but it will help!
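Added example, not part of the MSDN text or of this forum post: a portable C re-implementation of the StringCchCopy contract the four requirements above describe, placed beside the strcpy pattern it replaces. The names safe_cch_copy, demo_strcpy_needs_external_check and the SS_* constants are assumed for this example; the result values mirror the HRESULTs strsafe.h returns.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* HRESULT-style result codes; values mirror strsafe.h (names are ours). */
typedef long HRESULT_T;
#define SS_S_OK                  ((HRESULT_T)0x00000000L)
#define SS_E_INVALID_PARAMETER   ((HRESULT_T)0x80070057L)
#define SS_E_INSUFFICIENT_BUFFER ((HRESULT_T)0x8007007AL)
#define SS_MAX_CCH               ((size_t)2147483647)   /* STRSAFE_MAX_CCH */

/* Portable re-implementation of the StringCchCopy contract:
 *  - takes the destination size in characters (cch_dest),
 *  - always NUL-terminates dest whenever cch_dest > 0,
 *  - copies what fits and reports truncation through the return code,
 *  - never reads or writes past either buffer. */
HRESULT_T safe_cch_copy(char *dest, size_t cch_dest, const char *src)
{
    if (dest == NULL || src == NULL || cch_dest == 0 || cch_dest > SS_MAX_CCH) {
        if (dest != NULL && cch_dest > 0)
            dest[0] = '\0';              /* still leave a valid (empty) string */
        return SS_E_INVALID_PARAMETER;
    }
    size_t i = 0;
    while (i < cch_dest - 1 && src[i] != '\0') {
        dest[i] = src[i];
        i++;
    }
    dest[i] = '\0';                      /* the guaranteed terminator */
    return (src[i] == '\0') ? SS_S_OK : SS_E_INSUFFICIENT_BUFFER;
}

/* The "before": strcpy has no idea how large dest is, so the caller must
 * carry the size and remember the check on every call. Forgetting it is
 * exactly the overrun the MSDN text is talking about. */
int demo_strcpy_needs_external_check(char *dest, size_t cch_dest, const char *src)
{
    if (strlen(src) >= cch_dest)
        return 0;                        /* refuse instead of overrunning */
    strcpy(dest, src);
    return 1;
}

int main(void)
{
    char buf[8];
    HRESULT_T hr = safe_cch_copy(buf, sizeof buf, "hello, strsafe world");
    printf("hr=0x%08lX buf=\"%s\"\n", (unsigned long)hr, buf);  /* truncated, still NUL-terminated */
    return 0;
}
```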