Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / Languages / Managed C++ / November 2004

Tip: Looking for answers? Try searching our database.

Secure CRT string functions

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Bonj - 26 Nov 2004 20:52 GMT
Can anyone tell me if this is the correct usage of the new string functions?
//(lpalp is basically just an object that is a struct that contains a
_TCHAR* and its length)

size_t destlen = (size_t)lpalp->maxbufferlen;
_TCHAR username[TEXTLIMIT + 1], password[TEXTLIMIT + 1];
UINT uLenUsername = GetDlgItemText(hWnd, IDC_USERNAME, username, TEXTLIMIT),
uLenPassword = GetDlgItemText(hWnd, IDC_PASSWORD, password, TEXTLIMIT);

#if _MSC_VER >= 1400
     _tcscpy_s(lpalp->buffer, destlen, _T("User ID="));
     _tcsncat_s(lpalp->buffer, destlen, username, (size_t)uLenUsername);
     _tcscat_s(lpalp->buffer, destlen, _T(";Password="));
     _tcsncat_s(lpalp->buffer, destlen, password, uLenPassword);
#else
     long charsleft = lpalp->maxbufferlen - 1;
     _tcsncpy(lpalp->buffer, U_PREFIX, charsleft); charsleft -=
_tcslen(U_PREFIX);
     _tcsncat(lpalp->buffer, username, charsleft); charsleft -=
uLenUsername;
     _tcsncat(lpalp->buffer, P_PREFIX, charsleft); charsleft -=
_tcslen(P_PREFIX);
     _tcsncat(lpalp->buffer, password, charsleft);
#endif

Have I got it right by this?
Reply to this Message
Steve Friedl [MVP] - 28 Nov 2004 17:27 GMT
> size_t destlen = (size_t)lpalp->maxbufferlen;
> _TCHAR username[TEXTLIMIT + 1], password[TEXTLIMIT + 1];
[quoted text clipped - 16 lines]
>       _tcsncat(lpalp->buffer, password, charsleft);
> #endif

This is really the hard way, and though it looks mostly right on a technical
basis, this is so tedious that it takes the patience of St. Francis to do
this everywhere. Why not use _sntprintf, which does the formatting for you
(though it doesn't automatically add the NUL byte, dammit):

_sntprintf(lpalp->buffer, lpalp->maxbufferlen,
   _T("User ID=%s;Password=%s"),
   username,
   password);
lpalp->buffer[ lpalp->maxbufferlen-1 ] = '\0';

This way your purpose is very clear, it's safe, and it's portable.

~~ Steve
Reply to this Message
Bonj - 28 Nov 2004 18:24 GMT
oh god yes, that's much better
Thanks Steve!

>> size_t destlen = (size_t)lpalp->maxbufferlen;
>> _TCHAR username[TEXTLIMIT + 1], password[TEXTLIMIT + 1];
[quoted text clipped - 33 lines]
>
> ~~ Steve
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.