Perry
Reputation: 1217
get length of formatted string before format with security enhancements
I want to convert my code from "unsecure" version to "secure" to avoid an error and the define:
int l = sprintf(NULL, "%.*f", precision, newVal);
char* msg = (char*)malloc(l + 1);
sprintf(msg, "%.*f", precision, newVal);
error C4996: 'sprintf': This function or variable may be unsafe. Consider using sprintf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
My problem is if I write this:
int l = sprintf_s(NULL, 0, "%.*f", precision, newVal);
char* msg = (char*)malloc(l + 1);
sprintf_s(msg, l, "%.*f", precision, newVal);
An exception is fired:
Unhandled exception at 0x00007FFFEA83924C (ucrtbased.dll) in WinTests.exe: An invalid parameter was passed to a function that considers invalid parameters fatal.
So, how is it supposed to be done?
Upvotes: 0
Views: 87
Answers (0)
Related Questions
- Why is this program telling me invalid parameter was passed?
- error : Debug assertion failed. C++ vector subscript out of range
- How can fopen_s be more safe than fopen?
- Problem while initializing attribute in constructor c++
- Trying to make a conditional forloop when reading from a file
- Cannot get rid of WARNINGS after using DEFINE# and excluding them in PRE-PROCESSOR DEFINITIONS
- How to get rid of "unsafe" warnings / errors in Visual Studio (strcpy, sprintf, strdup)