_stprintf [MFC]

Prev: Wbemuuid.lib(wbemcli_i.obj) : fatal error LNK1103:
Next: File Save As Dialog

From: Vipin on 30 Jul 2006 01:55

using StringCchPrintf would need linking to strsafe.lib. The issue of buffer
overflow can be handled with snprintf and alike.

--
Vipin Aravind
http://www.explorewindows.com

"Joseph M. Newcomer" <newcomer(a)flounder.com> wrote in message
news:e57oc2lrr2nd1j0nt83h8e7h02ahjsbqih(a)4ax.com...
> It cannot be causing a "storage leak" since there is no allocation
> involved.
>
> You should generally avoid _stprintf whenever possible. Use
> CString::Format as the
> preferred choice. If you MUST use some form like _stprintf, use
> StringCchPrintf (I think
> that's the name, but search for strsafe.h on the MSDN) which at least will
> avoid any
> possibility of buffer overflow
>
> It would help a lot if you did something like
>
> StringCchPrintf(_T("%c"), B, sizeof(B) / sizeof(TCHAR), (BYTE)('a' + i));
>
> This eliminates several problems:
> 1. No buffer overflow if you make an error
> 2. The value is not treated as a signed value and therefore sign extended
> (see problem 1)
>
> However, your actual problem is even simpler; it would have been better to
> do
> TCHAR B[2];
> B[0] = _T('a') + i;
> B[1] = _T('\'0');
>
> which eliminates the need to call a subroutine to do a fundamentally
> trivial computation.
>
> I assume you meant %c because %a is not documented.
> joe
>
> On Sat, 29 Jul 2006 13:17:02 -0700, Sonu <sonu(a)online.nospam> wrote:
>
>>Hello all,
>>I am having trouble with _stprintf(). It's a Unicode application.
>>
>>TCHAR B[5];
>>_stprintf( B, _T("%a"), 'a' + i);
>>
>>so if the value if i=9, I want B to be "j". But instead the value in B is
>>"-0x1.c39360p+117"
>>
>>And this is causing all kinds of memory leaks and strange behaviours...
>>
>>Any help appreciated
>>Thanks
>>Srishti
> Joseph M. Newcomer [MVP]
> email: newcomer(a)flounder.com
> Web: http://www.flounder.com
> MVP Tips: http://www.flounder.com/mvp_tips.htm

From: Mihai N. on 30 Jul 2006 04:35

> StringCchPrintf(_T("%c"), B, sizeof(B) / sizeof(TCHAR), (BYTE)('a' + i));
Casting to BYTE first is a problem.
If i is a high-value Unicode thing, the result is truncated.

But I have to also wonder why someone would add something to a character.
The only reasonable use for that would be some kind of encryption.
But that has to be thought out for Unicode, when migrating.
And, in general, home-brewed encryption algorithms are bad idea.

--
Mihai Nita [Microsoft MVP, Windows - SDK]
http://www.mihai-nita.net
------------------------------------------
Replace _year_ with _ to get the real email

From: Mihai N. on 30 Jul 2006 04:35

From: Joseph M. Newcomer on 30 Jul 2006 17:22

Good point. I was not being careful enough; that should have been WORD (there is no
UTCHAR as far as I know). It can't be a signed value such as TCHAR because then it will
sign-extend when it converts it to an integer.

Homebrewed encryption is *always* a bad idea, but I suspect this is more likely trying to
do some kind of character conversion.

(There are very few people who can successfully do data encryption; one of the few I
personally know has a PhD and his dissertation was on encryption algorithms)
joe

On Sun, 30 Jul 2006 01:35:30 -0700, "Mihai N." <nmihai_year_2000(a)yahoo.com> wrote:

>> StringCchPrintf(_T("%c"), B, sizeof(B) / sizeof(TCHAR), (BYTE)('a' + i));
>Casting to BYTE first is a problem.
>If i is a high-value Unicode thing, the result is truncated.
>
>But I have to also wonder why someone would add something to a character.
>The only reasonable use for that would be some kind of encryption.
>But that has to be thought out for Unicode, when migrating.
>And, in general, home-brewed encryption algorithms are bad idea.
Joseph M. Newcomer [MVP]
email: newcomer(a)flounder.com
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm

From: Mihai N. on 31 Jul 2006 04:50

> Homebrewed encryption is *always* a bad idea,
I was trying to be mild :-)

> but I suspect this is more likely trying to
> do some kind of character conversion.
This is probably also bad idea :-)
Doing any kind of "math" on Unicode characters is very
likely to result in a mess.

--
Mihai Nita [Microsoft MVP, Windows - SDK]
http://www.mihai-nita.net
------------------------------------------
Replace _year_ with _ to get the real email

First | Prev | Next | Last
Pages: 1 2 3 4 5 6 7 8 9 10 11 12
Prev: Wbemuuid.lib(wbemcli_i.obj) : fatal error LNK1103:
Next: File Save As Dialog