Philipp
Reputation: 11813
Boost serialization: safe to ignore warning?
I started to use boost's serialization code to write data to a binary stream. I get the following warnings which could be disabled (D_SCL_SECURE_NO_WARNINGS) but I wonder if it is safe to do so? How can I get more specific information which code of mine causes the warning? I only know the .cpp file.
This is the output from Visual Studio 2008:
4>g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(162) : warng C4996: 'std::basic_streambuf<_Elem,_Traits>::sgetn': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> E:\Visual Studio 9.0\VC\include\streambuf(121) : see declaration of 'std::basic_streambuf<_Elem,_Traits>::sgetn'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(152) : while compiling class template member function 'void boost::archive::basic_binary_iprimitive<Archive,Elem,Tr>::load_binary(void *,size_t)'
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(107) : see reference to function template instantiation 'void boost::archive::basic_binary_iprimitive<Archive,Elem,Tr>::load<T>(T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(356) : see reference to function template instantiation 'void boost::archive::load_access::load_primitive<Archive,T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(433) : see reference to function template instantiation 'void boost::archive::detail::load_non_pointer_type<Archive>::load_primitive::invoke<T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(580) : see reference to function template instantiation 'void boost::archive::detail::load_non_pointer_type<Archive>::invoke<T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/common_iarchive.hpp(68) : see reference to function template instantiation 'void boost::archive::load<Archive,T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(67) : see reference to function template instantiation 'void boost::archive::detail::common_iarchive<Archive>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive_impl.hpp(50) : see reference to function template instantiation 'void boost::archive::basic_binary_iarchive<Archive>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/interface_iarchive.hpp(61) : see reference to function template instantiation 'void boost::archive::binary_iarchive_impl<Archive,Elem,Tr>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(77) : see reference to function template instantiation 'Archive &boost::archive::detail::interface_iarchive<Archive>::operator >><unsigned char>(T &)' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(74) : while compiling class template member function 'void boost::archive::basic_binary_iarchive<Archive>::load_override(boost::archive::version_type &,int)'
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive_impl.hpp(36) : see reference to class template instantiation 'boost::archive::basic_binary_iarchive<Archive>' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive.hpp(42) : see reference to class template instantiation 'boost::archive::binary_iarchive_impl<Archive,Elem,Tr>' being compiled
4> with
4> [
4> Archive=boost::archive::naked_binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>
4> ]
4>g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(176) : warning C4996: 'std::basic_streambuf<_Elem,_Traits>::sgetn': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> E:\Visual Studio 9.0\VC\include\streambuf(121) : see declaration of 'std::basic_streambuf<_Elem,_Traits>::sgetn'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4>g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(162) : warning C4996: 'std::basic_streambuf<_Elem,_Traits>::sgetn': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> E:\Visual Studio 9.0\VC\include\streambuf(121) : see declaration of 'std::basic_streambuf<_Elem,_Traits>::sgetn'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(152) : while compiling class template member function 'void boost::archive::basic_binary_iprimitive<Archive,Elem,Tr>::load_binary(void *,size_t)'
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(107) : see reference to function template instantiation 'void boost::archive::basic_binary_iprimitive<Archive,Elem,Tr>::load<T>(T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(356) : see reference to function template instantiation 'void boost::archive::load_access::load_primitive<Archive,T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(433) : see reference to function template instantiation 'void boost::archive::detail::load_non_pointer_type<Archive>::load_primitive::invoke<T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/iserializer.hpp(580) : see reference to function template instantiation 'void boost::archive::detail::load_non_pointer_type<Archive>::invoke<T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/common_iarchive.hpp(68) : see reference to function template instantiation 'void boost::archive::load<Archive,T>(Archive &,T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(67) : see reference to function template instantiation 'void boost::archive::detail::common_iarchive<Archive>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive_impl.hpp(50) : see reference to function template instantiation 'void boost::archive::basic_binary_iarchive<Archive>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/detail/interface_iarchive.hpp(61) : see reference to function template instantiation 'void boost::archive::binary_iarchive_impl<Archive,Elem,Tr>::load_override<T>(T &,int)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(77) : see reference to function template instantiation 'Archive &boost::archive::detail::interface_iarchive<Archive>::operator >><unsigned char>(T &)' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> T=unsigned char
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/basic_binary_iarchive.hpp(74) : while compiling class template member function 'void boost::archive::basic_binary_iarchive<Archive>::load_override(boost::archive::version_type &,int)'
4> with
4> [
4> Archive=boost::archive::binary_iarchive
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive_impl.hpp(36) : see reference to class template instantiation 'boost::archive::basic_binary_iarchive<Archive>' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive
4> ]
4> g:\winlib\boost\1_42_0\boost/archive/binary_iarchive.hpp(76) : see reference to class template instantiation 'boost::archive::binary_iarchive_impl<Archive,Elem,Tr>' being compiled
4> with
4> [
4> Archive=boost::archive::binary_iarchive,
4> Elem=char,
4> Tr=std::char_traits<char>
4> ]
4>g:\winlib\boost\1_42_0\boost/archive/basic_binary_iprimitive.hpp(176) : warning C4996: 'std::basic_streambuf<_Elem,_Traits>::sgetn': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
4> E:\Visual Studio 9.0\VC\include\streambuf(121) : see declaration of 'std::basic_streambuf<_Elem,_Traits>::sgetn'
4> with
4> [
4> _Elem=char,
4> _Traits=std::char_traits<char>
4> ]
Thanks!
Upvotes: 1
Views: 1378
Answers (3)
Tymek
Reputation: 684
Boost documentation admits that there are many warnings that are safe to ignore. I removed irritating warning messages from my console in Visual Studio 2008 by adding the following to my code:
#pragma warning(disable:4099)
Upvotes: 0
Anton Matosov
Reputation: 1705
If your project is going to be compiled only using the Visual Studio you can replace call to sgetn (from the line of warning) on _Sgetn_s and duplicate the last parameter of the initial call. That way you will transform call into the safe one.
Or you can go with patch provided below, it applies _Sgetn_s for VC 8.0 and higher, but leaves sgetn for all other compilers.
Index: basic_binary_iprimitive.hpp
===================================================================
@@ -143,6 +143,11 @@
void
load_binary(void *address, std::size_t count);
};
+#if defined(_MSC_VER) && (_MSC_VER >= 1400) //VC 8.0 +
+# define BOOST_sgetn_safe( buf, count ) _Sgetn_s( buf, count, count )
+#else
+# define BOOST_sgetn_safe( buf, count ) sgetn( buf, count )
+#endif
template<class Archive, class Elem, class Tr>
inline void
@@ -157,6 +162,7 @@
);
std::streamsize s = static_cast<std::streamsize>(count / sizeof(Elem));
- std::streamsize scount = m_sb.sgetn(
+ std::streamsize scount = m_sb.BOOST_sgetn_safe(
static_cast<Elem *>(address),
s
);
@@ -173,7 +179,7 @@
// archive_exception(archive_exception::stream_error)
// );
Elem t;
- scount = m_sb.sgetn(& t, 1);
+ scount = m_sb.BOOST_sgetn_safe(& t, 1);
if(scount != 1)
boost::serialization::throw_exception(
archive_exception(archive_exception::input_stream_error)
@@ -181,6 +187,7 @@
std::memcpy(static_cast<char*>(address) + (count - s), &t, s);
}
}
+#undef BOOST_sgetn_safe
} // namespace archive
} // namespace boost
Upvotes: 0
Bo Persson
Reputation: 92271
If you trust Boost not to pass out-of-range parameters, you can disable the warnings.
Microsoft has proposed a set of new "more secure" functions for the C library,
http://www.open-std.org/JTC1/SC22/WG14/www/docs/n1225.pdf
and are warning everyone who uses the old ones.
You could perhaps also try a newer Boost library? The lastest is 1.46.1
Upvotes: 2
Related Questions
- Warnings when using Boost Serialization with -Wall -Wextra
- Is it safe to serialize a raw boost::variant?
- Backward compatibility problem with boost serialization 1:73
- boost::serialization warning unusedvariable file_version
- Boost Serialize backward compatibility issues
- Boost serialization data standard
- c++ boost serialization how to prevent crashes with improper files
- Boost serialization : ensure data safety over socket transmition
- Boost.Serialization Warning
- Is it safe to use boost serialization to serialize objects in C++ to a binary format for use over a socket?