StringCchPrintfA function (strsafe.h)
Writes formatted data to the specified string. The size of the destination buffer is provided to the function to ensure that it does not write past the end of this buffer.
StringCchPrintf is a replacement for the following functions:
Syntax
STRSAFEAPI StringCchPrintfA(
[out] STRSAFE_LPSTR pszDest,
[in] size_t cchDest,
[in] STRSAFE_LPCSTR pszFormat,
...
);
Parameters
[out] pszDest
Type: LPTSTR
The destination buffer, which receives the formatted, null-terminated string created from pszFormat and its arguments.
[in] cchDest
Type: size_t
The size of the destination buffer, in characters. This value must be sufficiently large to accommodate the final formatted string plus 1 to account for the terminating null character. The maximum number of characters allowed is STRSAFE_MAX_CCH.
[in] pszFormat
Type: LPCTSTR
The format string. This string must be null-terminated. For more information, see Format Specification Syntax.
...
The arguments to be inserted into the pszFormat string.
Return value
Type: HRESULT
This function can return one of the following values. It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.
Return code | Description |
---|---|
|
There was sufficient space for the result to be copied to pszDest without truncation, and the buffer is null-terminated. |
|
The value in cchDest is either 0 or larger than STRSAFE_MAX_CCH. |
|
The copy operation failed due to insufficient buffer space. The destination buffer contains a truncated, null-terminated version of the intended result. In situations where truncation is acceptable, this may not necessarily be seen as a failure condition. |
Note that this function returns an HRESULT value, unlike the functions that it replaces.
Remarks
Compared to the functions it replaces, StringCchPrintf provides additional processing for proper buffer handling in your code. Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCchPrintf always null-terminates a nonzero-length destination buffer.
Behavior is undefined if the strings pointed to by pszDest, pszFormat, or any argument strings overlap.
Neither pszFormat nor pszDest should be NULL. See StringCchPrintfEx if you require the handling of null string pointer values.
StringCchPrintf can be used in its generic form, or in its more specific forms. The data type of the string determines the form of this function that you should use.
String Data Type | String Literal | Function |
---|---|---|
char | "string" | StringCchPrintfA |
TCHAR | TEXT("string") | StringCchPrintf |
WCHAR | L"string" | StringCchPrintfW |
Examples
The following example shows a simple use of StringCchPrintf, using four arguments.
TCHAR pszDest[30];
size_t cchDest = 30;
LPCTSTR pszFormat = TEXT("%s %d + %d = %d.");
TCHAR* pszTxt = TEXT("The answer is");
HRESULT hr = StringCchPrintf(pszDest, cchDest, pszFormat, pszTxt, 1, 2, 3);
// The resultant string at pszDest is "The answer is 1 + 2 = 3."
Note
The strsafe.h header defines StringCchPrintf as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP with SP2 [desktop apps | UWP apps] |
Minimum supported server | Windows Server 2003 with SP1 [desktop apps | UWP apps] |
Target Platform | Windows |
Header | strsafe.h |
See also
Reference