Compiler Error: Function call with parameters that may be unsafe
Solution 1
The warning is telling you that you risk a buffer overflow if n
is too large -- which you know can't happen because of the way you just computed with a min
, but the poor commpiler doesn't. I suggest you take the compiler's own advice and use -D_SCL_SECURE_NO_WARNINGS
for this one source file...
Solution 2
Check out this MSDN page for documentation on the warning
The MS C++ compiler decided to deprecate the method std::string::copy because it is potentially unsafe to use and can lead to a buffer overrun. This deprecation is Microsoft specific and you will likely not see it on other compiler platforms.
Comments
-
Lodle about 4 years
Got some code that is not mine and its producing this warning atm:
iehtmlwin.cpp(264) : warning C4996: 'std::basic_string<_Elem,_Traits,_Ax>::copy': Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct. To disable this warning, use -D_SCL_SECURE_NO_WARNINGS. See documentation on how to use Visual C++ 'Checked Iterators' with [ _Elem=char, _Traits=std::char_traits<char>, _Ax=std::allocator<char> ] c:\program files (x86)\microsoft visual studio 8\vc\include\xstring(1680) : see declaration of 'std::basic_string<_Elem,_Traits,_Ax>::copy' with [ _Elem=char, _Traits=std::char_traits<char>, _Ax=std::allocator<char> ]
this is the code in question:
HRESULT STDMETHODCALLTYPE Read(void __RPC_FAR *pv, ULONG cb, ULONG __RPC_FAR *pcbRead) { if (prepend.size() > 0) { int n = min(prepend.size(), cb); prepend.copy((char *) pv, n); prepend = prepend.substr(n); if (pcbRead) *pcbRead = n; return S_OK; }; int rc = Read((char *) pv, cb); if (pcbRead) *pcbRead = rc; return S_OK; };
and the warning refers to the prepend.copy line. I have tried googling the warning but cant work out what it is on about. Can some one help me solve this please.
Visual Studio 2005 SP1 Windows 7 RC1
.
Edit: prepend is a string which is typedefed
typedef basic_string<char, char_traits<char>, allocator<char> > string;
-
Lodle about 15 yearsi ended up using #pragma warning( disable : 4996 ) as the preprocessor define didnt work
-
jww almost 13 years@alex - its not claiming 'n' is [potentially] too large. You are being warned about using a function that takes a destination pointer without a destination size. For what its worth, defining D_SCL_SECURE_NO_WARNINGS to supress warnings is a bad idea.
-
Nathan Paul Simons over 11 years@Lodle - Odd, the
pragma warning(disable: 4996)
didn't work for me in VS2010; adding_SCL_SECURE_NO_WARNINGS
to the defines for each individual file (and each separate build) seemed to do the trick. -
Geier about 11 years@Nathan I have it the other way around: _SCL... doesn't work, the #pragma does...
-
CroCo about 9 yearsso is it safe to disable it? I'm using odeint boost for solving differential equations and this error pops up. I'm using visual studio 2013. I used
#pragma warning( disable : 4996 )
and the code is working but not sure if this is safe. Thanks