Strsafe.h Buffer Handling (Windows CE 5.0)
Developing an Application > Safe String Functions
Poor buffer handling is implicated in many security issues that involve buffer overruns.
The functions defined in Strsafe.h provide additional processing for proper buffer handling in your code. For this reason, they are intended to replace their built-in C/C++ counterparts as well as specific Microsoft Windows implementations.
Strsafe.h can be obtained by downloading the Windows Core software development kit (SDK) from the SDK Update site.
The following are advantages of Strsafe functions:
- The size of the destination buffer is always provided to the function to ensure that the function does not write past the end of the buffer.
- Buffers are guaranteed to be null-terminated, even if the operation truncates the intended result.
- All functions return an HRESULT, with only one possible success code (S_OK).
- Each function is available in a corresponding character count (cch) or byte count (cb) version.
- Most functions have an extended ("Ex") version available for advanced functionality.
See Also
StrSafe.h Character-Count Functions |
StrSafe.h Byte-Count Functions | Using Strsafe.h
Send Feedback on this topic to the authors