Re: WM_SETTEXT with Subclassed CEdit: Is this safe?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: River Ross (river.ross_at_sbcglobal.net)
Date: 02/24/05 

Date: Thu, 24 Feb 2005 22:56:30 GMT

No I don't think that is safe... you are copying over the pointer that
outside code called and you have no idea what that pointer is, readonly,
enough memory,etc.

what if some other programmer does this:
yourcontrol.SendMessage(WM_SETTEXT,0,"crashme");

Plus as a design this doesn't really make sense the message is telling your
control what to display, not asking your control to copy over a buffer.
Maybe something like this is suitable:

CMonetEdit::SetValue(double dMoney)
{
    m_dMyNumber=dMoney;
    CString strTemp;
    strTemp.Format("$%f",dMyNumber);
    if (GetSafeHwnd())
        SetWindowText(strTemp);
}

Or try a design that binds it to an outside data value etc.

BTW Monet is a painter. :)

"Dan McCarty" <dmccarty@gmail.com> wrote in message
news:1109279301.111082.45760@z14g2000cwz.googlegroups.com...
>I created a custom edit control (CMonetEdit) that I plan on using
> throughout an entire application. Among other things, the CMonetEdit
> stores units for each field. To display the field plus its units, I
> handle WM_SETTEXT:
>
> LRESULT CMonetEdit::OnSetText(WPARAM w, LPARAM lpsz)
> {
> // FormatField() knows about the field's data through a
> // custom DDX routine
> CString text = FormatField();
> // For example, lpsz might've been 500; FormatField()
> // would return "5.00 in" instead
> wcscpy((wchar_t *)lpsz, text);
>
> return Default();
> }
>
> I've made a critical assumption: that the size of lpsz is buffered to
> some size larger than just the length of the current field text,
> similar to a CString. Is this a safe assumption to make?
>
> Thanks,
> Dan.
>

Relevant Pages

  • Re: Moving to C#
    ... some point, to keep track of a pointer then I'm thinking that it would be a very elite profession indeed and the trades industry wouldn't be suffering for iron workers, carpenters, plumbers and the like as it is. ... Most upper level management doesn't know jack about programming anyway, so they can't filter out poor programmers. ... The pointer not being freed can easily be profiled and deteremined because you should have NO pointers left over when you are done. ... If you are writing flight control software and NOT running code through the proper quality control, then it doesn't matter what language/framework/OS you are using - someone is going to have a very bad day! ...
    (borland.public.delphi.non-technical)
  • FW: Windows Update - Unsafe ActiveX control (fwd)
    ... "Safe for Scripting" simply means that the control is safe to be used ... Windows Update is safe because it only allows itself to be hosted ... etc. it is considered "Safe for Scripting". ...
    (Bugtraq)
  • Re: Richtx32.ocx unter Office SP3
    ... ActiveX-Steuerelemente, die nicht als "Safe" ... Code signing ... Because an ActiveX control allows access to root operating ... which allows an ActiveX developer the option ...
    (microsoft.public.de.word.vba)
  • Re: Issue with casting CString to LPARAM and recasting it to CString...
    ... List Control class of MFC. ... of maintaining a unique sequence number which is a CString and member ... Why are you returning a pointer? ... itself is in complete control of the LPARAM value, and it is not managed by anyone else. ...
    (microsoft.public.vc.mfc)
  • Re: Issue with casting CString to LPARAM and recasting it to CString...
    ... List Control class of MFC. ... CString* MyItem::GetListItemSequence ... because returning a pointer can be dangerous...for example, it allows the caller to reach ... itself is in complete control of the LPARAM value, and it is not managed by anyone else. ...
    (microsoft.public.vc.mfc)