Copies bytes between buffers. More secure versions of these functions are available; see
void *memcpy( void *dest, const void *src, size_t count ); wchar_t *wmemcpy( wchar_t *dest, const wchar_t *src, size_t count );
Buffer to copy from.
Number of characters to copy.
The value of
count bytes from
count wide characters. If the source and destination regions overlap, the behavior of
memcpy is undefined. Use
memmove to handle overlapping regions.
Make sure that the destination buffer is the same size or larger than the source buffer. For more information, see Avoiding buffer overruns.
Because so many buffer overruns, and thus potential security exploits, have been traced to improper usage of
memcpy, this function is listed among the "banned" functions by the Security Development Lifecycle (SDL). You may observe that some VC++ library classes continue to use
memcpy. Furthermore, you may observe that the VC++ compiler optimizer sometimes emits calls to
memcpy. The Visual C++ product is developed in accordance with the SDL process, and thus usage of this banned function has been closely evaluated. In the case of library use of it, the calls have been carefully scrutinized to ensure that buffer overruns will not be allowed through these calls. In the case of the compiler, sometimes certain code patterns are recognized as identical to the pattern of
memcpy, and are thus replaced with a call to the function. In such cases, the use of
memcpy is no more unsafe than the original instructions would have been; they have simply been optimized to a call to the performance-tuned
memcpy function. Just as the use of "safe" CRT functions doesn't guarantee safety (they just make it harder to be unsafe), the use of "banned" functions doesn't guarantee danger (they just require greater scrutiny to ensure safety).
memcpy usage by the VC++ compiler and libraries has been so carefully scrutinized, these calls are permitted within code that otherwise conforms with the SDL.
memcpy calls introduced in application source code only conform with the SDL when that use has been reviewed by security experts.
wmemcpy functions are only deprecated if the constant
_CRT_SECURE_DEPRECATE_MEMORY is defined before the include statement, as in the example below:
#define _CRT_SECURE_DEPRECATE_MEMORY #include <memory.h>
#define _CRT_SECURE_DEPRECATE_MEMORY #include <wchar.h>
For more compatibility information, see Compatibility.
memmove for a sample of how to use
Submit and view feedback for