====== Avoid Buffer Overruns in String Functions ======
> **Developer:** //[[developer:cplusplusplugins|C++]]//
> **Summary:** //Discusses how to write string functions that cannot overrun their buffers.//

===== Overview =====
Buffer overruns are caused by passing a buffer to a function without also telling it the buffer's capacity. The callee then has no way to stop copying before the end of the buffer, so the length of the input decides how far past the end it writes. Functions such as wcscpy() and wcscat() copy until they reach a terminating NUL and never look at the destination's size.

Consider the following function:

<code c++>
int GetName( const wchar_t* pInput )
{
  // 100 bytes, which is only 50 wchar_t on Windows; neither number is known to wcscpy/wcscat
  wchar_t* pBuffer = (wchar_t*)malloc(100);
  wcscpy( pBuffer, pInput );  // might overrun buffer: copies all of pInput, however long it is
  wcscat( pBuffer, L".txt" ); // also might overrun buffer: appends four more characters plus the NUL
  <...>
}
</code>

Use the following techniques to write safer functions.

====1. Add a size_t argument for buffer size====
The size is the number of wchar_t elements the buffer can hold, including the terminating NUL, not the number of bytes. The callee must stop before that count and should tell the caller when the result did not fit.
<code c++>
// Pass pointer to buffer and buffer size (count of wchar_t, not bytes)
int GetName( wchar_t* buffer, size_t buffer_size );

// Ex: stack array; _countof gives the element count, sizeof(buffer) would give bytes
wchar_t buffer[100];
int rc = GetName( buffer, _countof(buffer) );

// Ex: heap array; allocated with new[], so it must be released with delete[]
const size_t kBufLen = 100;
wchar_t* pBuffer = new wchar_t[kBufLen];
GetName( pBuffer, kBufLen );
<...>
delete[] pBuffer;

// Ex: ON_wString; ReserveArray() reserves room for kBufLen characters
const size_t kBufLen = 100;
ON_wString strBuffer;
strBuffer.ReserveArray( kBufLen );
GetName( strBuffer.Array(), kBufLen );

// Ex: CString; GetBuffer() guarantees room for kBufLen characters and
// ReleaseBuffer() recomputes the string's length from the NUL the callee wrote
const size_t kBufLen = 100;
CString strBuffer;
GetName( strBuffer.GetBuffer(kBufLen), kBufLen );
strBuffer.ReleaseBuffer();
</code>

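Section 1 shows the signature and the callers but not the callee, which is where the size actually matters. The following is an added example, not code from this wiki or from openNURBS: a GetName() built on a portable copy routine that treats buffer_size as a count of wchar_t, never writes past the end, and reports the required size instead of truncating silently. The name source kSourceName and the helper CopyNameWithExtension() are constructed for the example.

```cpp
#include <cstddef>
#include <cwchar>

// Constructed sample source for the name; a real GetName() would obtain it
// from the document, the registry, user input, and so on.
static const wchar_t* const kSourceName = L"Report";
static const wchar_t* const kExtension  = L".txt";

// Writes stem + kExtension into buffer, which holds buffer_size wchar_t
// (including the terminating NUL).
// Returns 0 on success.
// Returns the number of wchar_t the caller must provide (including the NUL)
// when the buffer is too small; buffer[0] is then set to L'\0' so a caller
// that ignores the return value still sees a valid, empty string.
// Returns -1 for a null or zero-length buffer.
int CopyNameWithExtension(const wchar_t* stem, wchar_t* buffer, size_t buffer_size)
{
  if (buffer == nullptr || buffer_size == 0)
    return -1;
  if (stem == nullptr)
    stem = L"";

  const size_t stem_len = std::wcslen(stem);
  const size_t ext_len  = std::wcslen(kExtension);
  const size_t needed   = stem_len + ext_len + 1; // +1 for L'\0'

  if (needed > buffer_size)
  {
    buffer[0] = L'\0';
    return static_cast<int>(needed);
  }

  // Both copies are bounded by lengths already checked against buffer_size,
  // so unlike wcscpy/wcscat they cannot run off the end.
  std::wmemcpy(buffer, stem, stem_len);
  std::wmemcpy(buffer + stem_len, kExtension, ext_len);
  buffer[stem_len + ext_len] = L'\0';
  return 0;
}

// The signature from section 1, implemented on top of the bounded copy.
int GetName(wchar_t* buffer, size_t buffer_size)
{
  return CopyNameWithExtension(kSourceName, buffer, buffer_size);
}
```

Two caveats for callers: buffer_size is a count of elements, so pass _countof(buffer) or sizeof(buffer)/sizeof(buffer[0]), never sizeof(buffer) or the 100 from malloc(100); and check the return value, because a too-small buffer is reported rather than papered over.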
====2. Change buffer argument to use a string object reference====
<code c++>
// Pass a reference to an ON_wString object; the string grows as needed,
// so no capacity has to be agreed between caller and callee
int GetName( ON_wString& str );
// Pass a reference to a CString object
int GetName( CString& str );

// Ex:
ON_wString str;
int rc = GetName( str );

// Ex:
CString str;
int rc = GetName( str );
</code>

====3. Change buffer argument to a fixed-size array reference====
<code c++>
// Pass a reference to a fixed-size array; the size is part of the type,
// so passing a wchar_t* or an array of a different length fails to compile
int GetName( wchar_t(&buffer)[100] );

// Ex:
wchar_t buffer[100];
int rc = GetName( buffer );
</code>
 +
====4. Change buffer pointer argument to a reference to a pointer====
<code c++>
// Pass a reference to a pointer
// API allocates a buffer large enough for the result; caller is required to free it
// with the deallocator the API documents (delete[] if it allocated with new wchar_t[])
int GetName( wchar_t*& pBuffer );

// Ex:
wchar_t* pBuffer = 0;
int rc = GetName( pBuffer );
<...>
delete[] pBuffer;
</code>

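Sections 2, 3 and 4 give signatures but not the callee side. The following added example, not code from this wiki or from openNURBS, implements all three as one overload set on a constructed name source, kSourceName. std::wstring stands in for ON_wString and CString, which need their own libraries; the fixed-size array version generalizes the page's wchar_t(&)[100] to a template that deduces any length N; and the reference-to-pointer version pins down the ownership contract as new[] in the callee and delete[] in the caller.

```cpp
#include <cstddef>
#include <cwchar>
#include <string>

// Constructed sample source for the name; a real GetName() would look it up.
static const wchar_t* const kSourceName = L"Report";
static const wchar_t* const kExtension  = L".txt";

// 2. String object reference. std::wstring is a stand-in for ON_wString or
//    CString: the object grows to fit, so no capacity crosses the call
//    boundary and there is nothing for the callee to overrun.
int GetName(std::wstring& str)
{
  str.assign(kSourceName);
  str.append(kExtension);
  return 0;
}

// 3. Fixed-size array reference, generalized to any length N (the page shows
//    the single case N == 100). N is deduced from the argument's type, so a
//    wchar_t* or a pointer from malloc/new does not bind to this parameter and
//    the call fails to compile, which is the point. swprintf receives the real
//    capacity and returns a negative value instead of overrunning when the
//    result does not fit.
template <size_t N>
int GetName(wchar_t (&buffer)[N])
{
  static_assert(N > 0, "buffer must have at least one element");
  const int written = std::swprintf(buffer, N, L"%ls%ls", kSourceName, kExtension);
  if (written < 0)
  {
    buffer[0] = L'\0'; // did not fit: leave a valid empty string behind
    return -1;
  }
  return 0;
}

// 4. Reference to a pointer. The callee computes the exact size and allocates;
//    the caller owns the result and must release it with delete[] because it
//    was allocated with new wchar_t[]. The deallocator is part of the API
//    contract and has to be documented alongside the signature.
int GetName(wchar_t*& pBuffer)
{
  const size_t stem_len = std::wcslen(kSourceName);
  const size_t ext_len  = std::wcslen(kExtension);
  pBuffer = new wchar_t[stem_len + ext_len + 1];
  std::wmemcpy(pBuffer, kSourceName, stem_len);
  std::wmemcpy(pBuffer + stem_len, kExtension, ext_len);
  pBuffer[stem_len + ext_len] = L'\0';
  return 0;
}
```

Of the three, the string-object form is the hardest to misuse; the array-reference form catches size mismatches at compile time but only for arrays whose size is known to the compiler; the pointer-reference form removes the overrun but adds an ownership rule the caller can get wrong.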
\\

{{tag>Developer cplusplus}}

developer/bufferoverrun.txt · Last modified: 2015/09/14 (external edit)