Many system security problems are caused by poor buffer handling and the resulting buffer overruns. Poor buffer handling is often associated with string manipulation operations. The standard string manipulation functions that are supplied by C/C++ language runtime libraries (strcat, strcpy, sprintf, and so on) do not prevent writing beyond the end of buffers.
Two new sets of string manipulation functions, called safe string functions, provide additional processing for proper buffer handling in your code. These safe string functions are available for Microsoft® Windows® XP SP1 and later versions of the Windows DDK and Platform SDK. They are intended to replace their built-in C/C++ counterparts and similar routines that are supplied by Microsoft Windows.
One set of safe string functions is for use in kernel-mode code. These functions are prototyped in a header file named ntstrsafe.h. This header file and an associated library are available in the Windows DDK.
The other set of safe string functions is for use in user-mode applications. A corresponding header file, strsafe.h, contains prototypes for these functions. That file and an associated library are available in the Platform SDK. For more information about strsafe.h, see the Microsoft Developer Network (MSDN) Web site.
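The buffer-handling discipline these functions enforce, as an added example that is not code from this page or from the Windows DDK: a portable stand-in written in the style of the byte-counted ("Cb") copy and concatenate routines, taking the destination size in bytes, always leaving the destination NUL-terminated, and returning a status that the caller must check instead of silently writing past the end of the buffer as strcpy and strcat do. The function names, the status enum and its values, and the device-name helper are all constructed for this illustration; the real kernel-mode routines (for example RtlStringCbCopyA) are declared in ntstrsafe.h and are not reproduced here.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Status values constructed for this example; they are not the SDK's
 * STRSAFE_* / NTSTATUS values. */
typedef enum {
    SAFESTR_OK = 0,
    SAFESTR_E_INVALID_PARAMETER = 1,
    SAFESTR_E_INSUFFICIENT_BUFFER = 2
} safestr_status;

/* Bounded copy. cb_dst is the size of dst in BYTES (the "Cb" convention).
 * When cb_dst > 0 the destination is always NUL-terminated; if src does not
 * fit, the prefix that fits is copied and an error is returned so the caller
 * can decide what to do, rather than overrunning the buffer. */
safestr_status safestr_copy_cb(char *dst, size_t cb_dst, const char *src)
{
    if (dst == NULL || src == NULL || cb_dst == 0)
        return SAFESTR_E_INVALID_PARAMETER;

    size_t i = 0;
    while (i < cb_dst - 1 && src[i] != '\0') {
        dst[i] = src[i];
        i++;
    }
    dst[i] = '\0';
    return src[i] == '\0' ? SAFESTR_OK : SAFESTR_E_INSUFFICIENT_BUFFER;
}

/* Bounded concatenation. Locates the existing terminator in dst without
 * reading past cb_dst, then copies src into the remaining space. */
safestr_status safestr_cat_cb(char *dst, size_t cb_dst, const char *src)
{
    if (dst == NULL || src == NULL || cb_dst == 0)
        return SAFESTR_E_INVALID_PARAMETER;

    size_t len = 0;
    while (len < cb_dst && dst[len] != '\0')
        len++;
    if (len == cb_dst)                 /* dst is not terminated within cb_dst */
        return SAFESTR_E_INVALID_PARAMETER;

    return safestr_copy_cb(dst + len, cb_dst - len, src);
}

/* Hypothetical caller: builds "\Device\<name>" into a fixed buffer. Every
 * status is checked; on failure the buffer is emptied so a truncated name
 * can never be used as if it were complete. */
safestr_status build_device_name(char *out, size_t cb_out, const char *name)
{
    safestr_status st = safestr_copy_cb(out, cb_out, "\\Device\\");
    if (st == SAFESTR_OK)
        st = safestr_cat_cb(out, cb_out, name);
    if (st != SAFESTR_OK && out != NULL && cb_out > 0)
        out[0] = '\0';
    return st;
}

int main(void)
{
    char buf[16];
    /* Constructed inputs: one fits, one is deliberately too long. */
    printf("%d %s\n", (int)build_device_name(buf, sizeof buf, "Disk0"), buf);
    printf("%d \"%s\"\n", (int)build_device_name(buf, sizeof buf, "AVeryLongName"), buf);
    return 0;
}
```

The point a practitioner should take from this is the contract, not the particular implementation: the destination size travels with the pointer, termination is unconditional, and the return value, not the absence of a crash, tells you whether the whole string was written.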
The kernel-mode safe string functions provide the following features:
This section includes the following topics: