Compartilhar via


PREfast Warning 56 (Windows CE 5.0)

Send Feedback

56 - Call to <function> does not validate buffer size.
Recommended Fix: Consider calling <function> instead.

This warning indicates that a function such as sprintf, which does not have a parameter indicating the maximum buffer size and is thus prone to buffer overrun, was called when an alternate function that contains the maximum buffer size exists.

This warning identifies an opportunity for defensive programming; it sometimes identifies a defect that can lead to an exploitable buffer overrun or crash.

PREfast attempts to suggest a safer function that can be called as an alternative.

Example

Defective Source

char buff[MAX_PATH];
OemToChar(buff, input); // If strlen(input) > _MAX_PATH,
                         // this leads to buffer overrun.

Corrected Source

char buff[MAX_PATH];
OemToCharBuff(buff, input, MAX_PATH);

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.