strsafe.h

From HandWiki

strsafe.h is a non-standard C header file provided with the Windows SDK starting with Windows XP Service Pack 2[1] that provides safer buffer handling than that which is provided by the standard C string functions, which are widely known to have security issues involving buffer overruns when not used correctly.

Description

The functions included in strsafe.h replace standard C string handling and I/O functions including printf, strlen, strcpy and strcat.[2] The strsafe functions require the length of the string in either characters or bytes as a parameter and if an operation would exceed the length of the destination buffer, the operation fails and the string is still terminated with a null in its final valid index so that using it in other library functions will not result in undefined behavior.[1][2] Independent security researchers have noted that security issues are still possible with the functions from strsafe.h if they are not passed the correct buffer length.[3] The use of this library is recommended by the United States Department of Homeland Security.[4]

References

  1. 1.0 1.1 "About Strsafe.h (Windows)". https://msdn.microsoft.com/en-us/library/windows/desktop/ms647466(v=vs.85).aspx. 
  2. 2.0 2.1 Richter, Jeffrey; Nasarre, Christophe. Windows via C/C++ Fifth Edition. Microsoft Press. pp. 11–32. ISBN 9780735663770. 
  3. Daswani, Neil; Kern, Christopher; Kesavan, Anita. Foundations of Security: What Every Programmer Needs To Know. Apress Media LLC. p. 121. ISBN 9781590597842. 
  4. Plakosh, Daniel. "Strsafe.h | Build Security In". https://buildsecurityin.us-cert.gov/articles/knowledge/coding-practices/strsafeh. 

External links