For things like this
lstrcpy()
Security Alert Using this function incorrectly can compromise the security of your application. The first argument, lpString1, must be large enough to hold lpString2 and the closing ''\0'', otherwise a buffer overrun may occur. Buffer overruns may lead to a denial of service attack against the application if an access violation occurs. In the worst case, a buffer overrun may allow an attacker to inject executable code into your process, especially if lpString1 is a stack-based buffer. Consider using one of the following alternatives: StringCbCopy, StringCbCopyEx, StringCbCopyN, StringCbCopyNEx, StringCchCopy, StringCchCopyEx, StringCchCopyN, or StringCchCopyNEx. You should review Security Considerations: Windows User Interface before continuing.
Security wise, is that all that can happen? BTW I''m using std::string, so this is just an example.
The three P's Public Private Protected
As far as I know, those three terms only mean somthing to the compiler while it is compiling. They are only there to promote good coding practise and encapsulation.
When it is compiled, all that stuff just falls away anyway, so they wont actuly affect anything while the code is running, and thus, wont help you with outside influences.
When it is compiled, all that stuff just falls away anyway, so they wont actuly affect anything while the code is running, and thus, wont help you with outside influences.
That is my understanding as well. They are just rules for compilation and linking. Bjarne Stroustrup himself said this:
==================
Benjamin Heath
==================
[edited by - Benjamin Heath on October 11, 2003 2:30:08 AM]
quote:original quote by Bjarne Stroustrup (ARM,1990)
The C++ access control mechanisms provide protection against accident-- not against fraud.
==================
Benjamin Heath
==================
[edited by - Benjamin Heath on October 11, 2003 2:30:08 AM]
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement