Re: Undeclared identifier error in file "xlocnum"

Other platforms exist?

Actually, I once wrote a portable safe-string library so that my code could run on both
VMW and Unix. It was worth the effort. About two weeks after I delivered the product, one
of their programmers, while using my library, made a mistake, and was pleased that my
library caught it. Note also that std::string is also portable. But if I do any string
copies for any reason, I will use _tcscpy (it is trivial to replicate tchar.h
functionality in a portable fashion). And if I do it, it is because I have ALREADY checked
the target butter length to make sure it already fit. I gave up on pretending that these
functions are reliable back in the late 1980s.
joe

On Thu, 07 Jul 2005 10:43:51 -0500, Kurt Grittner <grittkmg_NO_SPAM_@xxxxxxxxxxx> wrote:

>Hi Joe,
>
>Well, there is still a reason to use those crappy old functions. If
>your code is used on other platforms and by other compilers you will
>do much less re-coding if you use those tired old workhorses.
>
>-Kurt
>
>On Thu, 07 Jul 2005 02:49:59 -0400, Joseph M. Newcomer
><newcomer@xxxxxxxxxxxx> wrote:
>
>>I had issues with strcat and strcpy in 1975, and nothing in the intervening 30 years has
>>changed the fact that they are exceptionally poorly designed. I have never liked them, and
>>now that I have CString, I never use them (what never? Well, hardly ever...)
>>
>>As I indicated, you have done something that includes the safe-string library; this
>>redefines all those crappy old functions to generate warning messages, and provides for
>>intelligently-designed alternatives. That's why a new project won't cause problems; but
>>include the safe-string library and you'll get the problems.
>>
>>Note that when Microsoft did a code audit of Windows as part of their security effort,
>>several THOUSAND potential buffer overflow exploits were identified as the result of
>>strcpy and strcat. This came as no surprise to me. (I've heard numbers like 5000 and 8000
>>quoted in some newsgroups, but I have no inside information to verify any of these
>>numbers. But they are quite credible). Since there is little or no reason to use either
>>strcpy or strcat these days, it is better to adopt safe programming practices. I very
>>nearly have the safe-string strcpy and strcat memorized at this point, mostly because I so
>>rarely need them that I don't have to write such functions very often, and really don't
>>use strcpy/strcat any longer.
>> joe
>>

Joseph M. Newcomer [MVP]
email: newcomer@xxxxxxxxxxxx
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
.