Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version
Go to top

Secure String Handling in Windows Applications

, 9 Mar 2014
This article explains about Strsafe, Secured C run time library (CRT) and safe STL functions.
SecureStringHandling_InvalidParameter.zip
InvalidParameter
InvalidParameter.suo
InvalidParameter
SecureStringHandling_StringCopy.zip
StringCopy
StringCopy.suo
StringCopy
/********************************************************************
	InvalidParameter.cpp : Defines the entry point for the console application.
	
	This application uses for demo the _invalid_parameter_handler for check invalid paramter for _s functions

*********************************************************************/

#include "stdafx.h"

#include <stdlib.h> // _invalid_parameter_handler

#define MAX_BUF 10 // Max char for get_s  

#include <tchar.h>
#include <crtdbg.h>
#include <errno.h>
#include<vadefs.h>

/* Custom invalid parameter handler.  This handler is executed instead 

   of the default handler when the CRT encounters invalid parameters*/
void myInvalidParameterHandler(const wchar_t* expression,
							   const wchar_t* function, 
							   const wchar_t* file, 
						       unsigned int line, 
							   uintptr_t pReserved)
{
   wprintf(L"Invalid parameter detected in function %s."
            L" File: %s Line: %d\n", function, file, line);

   wprintf(L"Expression: %s\n", expression);
}


int _tmain(int argc, _TCHAR* argv[])
{
	/* Set the invalid paramter handler, save the old one */
	_invalid_parameter_handler oldHandler, newHandler;
   newHandler = myInvalidParameterHandler;
   oldHandler = _set_invalid_parameter_handler(newHandler);

#if _DEBUG
   wprintf(L"Enter 10 char string includes NULL:");
#endif
	/* Declare variable for get string */
   char safe_getline[MAX_BUF]; 
  

    /* Disable the message box for assertions */
	_CrtSetReportMode( _CRT_ASSERT, 0) ; 
	
	/* Use the following code for display Assert message in window */
	/* Supported mode :  _CRTDBG_MODE_DEBUG, _CRTDBG_MODE_FILE,  _CRTDBG_MODE_WNDW and _CRTDBG_REPORT_MODE */
	//_CrtSetReportMode( _CRT_ASSERT, _CRTDBG_MODE_WNDW); 

	_ASSERTE(gets_s(safe_getline, MAX_BUF));

#if _DEBUG
    wprintf(L"Entered String %S\n", safe_getline);
#endif

	return 0;
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

R.selvam
Software Developer (Senior)
India India
Selvam has worked on several technologies like Core Java, VC++, MFC, Windows API and Weblogic server. He takes a lot of interest in reading technical articles and enjoy writing them too. He has been awarded as a Microsoft Community Star in 2004, MVP in 2005-06, SCJP 5.0 in 2009, Microsoft Community Contributor(MCC) 2011.
 
Github : https://github.com/selvamselvam
Web site: http://www15.brinkster.com/selvamselvam
Follow on   LinkedIn

| Advertise | Privacy | Mobile
Web02 | 2.8.140916.1 | Last Updated 9 Mar 2014
Article Copyright 2011 by R.selvam
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid