C++ 'strcpy' 发出警告 (C4996)
我收到此警告,但所有功能都正常工作.
I am getting this warning but all functions working properly .
这到底意味着什么?
'strcpy': This function or variable may be unsafe.
Consider using strcpy_s instead. To disable deprecation,
use _CRT_SECURE_NO_WARNINGS. See online help for details.
推荐答案
这个函数 (strcpy) 被认为是不安全的,因为没有边界检查并且可能导致缓冲区溢出.(实际上 strcpy 因溢出漏洞而臭名昭著,所有程序员都避免使用它――或者至少应该避免使用它).建议是使用考虑目标缓冲区大小的安全函数以避免溢出.您也可以使用 strncpy (但要小心!).您的代码没有问题,即函数将按您说的方式运行,但尝试提供一个大于目标缓冲区的缓冲区作为输入.该函数将溢出目标缓冲区.检查这个也链接文本
This function (strcpy) is considered unsafe due to the fact that there is no bounds checking and can lead to buffer overflow. (Actually strcpy is infamous for overflow exploits and all programmers avoid it-or at least should avoid it). The advice is to use a safe function which takes into account the size of the destination buffer to avoid overflow. You could also use strncpy (BUT with caution!). There is no problem with your code, i.e. the functions will run as you say but try giving as input a buffer that is larger than the destination buffer. The function will overflow the destination buffer. Check this also link text
相关文章