C++ 编译器错误:带有可能不安全的参数的函数调用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/903064/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Compiler Error: Function call with parameters that may be unsafe
提问by Lodle
Got some code that is not mine and its producing this warning atm:
得到了一些不是我的代码,它产生了这个警告 atm:
iehtmlwin.cpp(264) : warning C4996: 'std::basic_string<_Elem,_Traits,_Ax>::copy': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
with
[
_Elem=char,
_Traits=std::char_traits<char>,
_Ax=std::allocator<char>
]
c:\program files (x86)\microsoft visual studio 8\vc\include\xstring(1680) : see declaration of 'std::basic_string<_Elem,_Traits,_Ax>::copy'
with
[
_Elem=char,
_Traits=std::char_traits<char>,
_Ax=std::allocator<char>
]
this is the code in question:
这是有问题的代码:
HRESULT STDMETHODCALLTYPE Read(void __RPC_FAR *pv, ULONG cb, ULONG __RPC_FAR *pcbRead)
{
if (prepend.size() > 0)
{
int n = min(prepend.size(), cb);
prepend.copy((char *) pv, n);
prepend = prepend.substr(n);
if (pcbRead)
*pcbRead = n;
return S_OK;
};
int rc = Read((char *) pv, cb);
if (pcbRead)
*pcbRead = rc;
return S_OK;
};
and the warning refers to the prepend.copy line. I have tried googling the warning but cant work out what it is on about. Can some one help me solve this please.
并且警告是指 prepend.copy 行。我试过谷歌搜索警告,但无法弄清楚它是关于什么的。有人可以帮我解决这个问题吗?
Visual Studio 2005 SP1 Windows 7 RC1
Visual Studio 2005 SP1 Windows 7 RC1
.
.
Edit: prepend is a string which is typedefed
编辑: prepend 是一个 typedefed 的字符串
typedef basic_string<char, char_traits<char>, allocator<char> > string;
采纳答案by Alex Martelli
The warning is telling you that you risk a buffer overflow if nis too large -- which you know can't happen because of the way you just computed with a min, but the poor commpiler doesn't. I suggest you take the compiler's own advice and use -D_SCL_SECURE_NO_WARNINGSfor this one source file...
警告告诉您,如果n太大,您将面临缓冲区溢出的风险——您知道这不会发生,因为您刚刚使用 a 计算的方式min,但糟糕的编译器却没有。我建议你接受编译器自己的建议,use -D_SCL_SECURE_NO_WARNINGS对于这个源文件......
回答by JaredPar
Check out this MSDN page for documentation on the warning
查看此 MSDN 页面以获取有关警告的文档
The MS C++ compiler decided to deprecate the method std::string::copy because it is potentially unsafe to use and can lead to a buffer overrun. This deprecation is Microsoft specific and you will likely not see it on other compiler platforms.
MS C++ 编译器决定弃用 std::string::copy 方法,因为使用它可能不安全并且可能导致缓冲区溢出。此弃用是 Microsoft 特定的,您可能不会在其他编译器平台上看到它。
