windows 如何在 Visual C++ 运行时禁用缓冲区溢出检查?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1752998/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to disable buffer overflow checking in the Visual C++ Runtime?
提问by Ian Boyd
i, and a few thousand other people, are getting an error being thrown by the Microsoft Visual C++ Runtime:
我和其他几千人收到 Microsoft Visual C++ 运行时抛出的错误:
Which for the benefit of search engines, says:
这对搜索引擎的好处说:
Microsoft Visual C++ Runtime Library
Buffer overrun detected!
Program: %s
A buffer overrun has been detected which has corrupted the program's
internal state. The program cannot safely continue execution and must
now be terminated.
Now i understand what a buffer overrun is, and why it is a bad thing. Given Microsoft's new emphasis on "it's just broken", the extra buffer checks in MSVCRTcan be a nice thing.
现在我明白了什么是缓冲区溢出,以及为什么它是一件坏事。鉴于 Microsoft 新强调“它只是坏了”,MSVCRT 中的额外缓冲区检查可能是一件好事。
On the other hand, i don't care. It's not that the program can't continue, it's that the program cannot safelycontinue. Well i'd rather be unsafe, because it's better than nothing. i enjoy living dangerously.
另一方面,我不在乎。不是程序不能继续,而是程序不能安全地继续。好吧,我宁愿不安全,因为总比没有好。我喜欢危险的生活。
So can anyone suggest anything? i was thinking things like:
那么任何人都可以提出任何建议吗?我在想这样的事情:
- a registry key to prevent MSVCRT from halting execution
- running the application in compability with a previous operating system (previous to Windows 7)
- adding an assembly manifest to the executable folder so that it uses an older version of the MSVCRT, one which doesn't perform this overflow checking
- a version number, or download location, of a copy of MSVCRT that doesn't have the overflow checking
- 防止 MSVCRT 停止执行的注册表项
- 在与以前的操作系统(Windows 7 之前)兼容的情况下运行应用程序
- 将程序集清单添加到可执行文件夹,以便它使用旧版本的 MSVCRT,一个不执行此溢出检查的版本
- 没有溢出检查的 MSVCRT 副本的版本号或下载位置
i tried searching the support site of the company that wrote the Microsoft Visual C++ Runtime Library, but they have no mention of which functions could be overflowing, or how to disable overflow checking.
我尝试搜索编写Microsoft Visual C++ 运行库的公司的支持站点,但他们没有提到哪些函数可能会溢出,或者如何禁用溢出检查。
回答by Daniel A. White
There is an option here. Set it to no.
这里有一个选项。将其设置为否。
Project Properties -> Configuration Properties -> C/C++ -> Code Generation -> Buffer Security Check.
项目属性 -> 配置属性 -> C/C++ -> 代码生成 -> 缓冲区安全检查。
This corresponds to the /GS (Buffer Security Check) compiler option:
这对应于/GS(缓冲区安全检查)编译器选项:
Detects some buffer overruns that overwrite the return address, a common technique for exploiting code that does not enforce buffer size restrictions. This is achieved by injecting security checks into the compiled code.
检测一些覆盖返回地址的缓冲区溢出,这是一种利用不强制执行缓冲区大小限制的代码的常用技术。这是通过在编译后的代码中注入安全检查来实现的。
回答by Michael Burr
Is this happening in you code or actually in the library? If it's in the library, I know you say you want to just ignore the error, but what you would you do if it was an access violation that crashed the process?
这是发生在您的代码中还是实际上发生在库中?如果它在库中,我知道您说您只想忽略错误,但是如果访问冲突导致进程崩溃,您会怎么做?
You should treat it the same way, because logically it's the same thing. It's just the CRT is crashing the process instead of the OS.
你应该以同样的方式对待它,因为从逻辑上讲它是一样的。只是 CRT 导致进程崩溃,而不是操作系统崩溃。
But, If you're using the debug build of the library you might get better (?) results using the release build (maybe it'll just crash without the dialog box notification).
但是,如果您使用的是库的调试版本,则使用发布版本可能会获得更好的(?)结果(也许它会在没有对话框通知的情况下崩溃)。
If it's in your code you can disable the overflow check using the /GS- option. But you should really fix the bug.
如果它在您的代码中,您可以使用 /GS- 选项禁用溢出检查。但是你真的应该修复这个错误。
