Jump to content

C++ Language/Std/Strings/AvoidingBufferOverrun

From Wikibooks, open books for an open world

Some of the original C-Runtime functions were succeptible to a buffer-overrun-hack. For example, strnlen(NULL, 16) would cause a runtime-error.

A safer alternative is available in Win32; strnlen_s(NULL, 16) simply returns 0 without trying to overrun the buffer.

Additional information about avoiding buffer-overrun