StringCbPrintfEx
Other versions of this page are also available for the following:
8/27/2008
This function is a replacement for sprintf. It accepts a format string and a list of arguments and returns a formatted string.
The size, in bytes, of the destination buffer is provided to the function to ensure that StringCbPrintfEx does not write past the end of this buffer.
StringCbPrintfEx adds to the functionality of StringCbPrintf by returning a pointer to the end of the destination string, and by returning the number of bytes left unused in that string.
Flags can also be passed to the function for additional control.
Syntax
HRESULT StringCbPrintfEx(
LPTSTR pszDest,
size_t cbDest,
LPTSTR *ppszDestEnd,
size_t *pcbRemaining,
DWORD dwFlags,
LPCTSTR pszFormat,
... );
Parameters
- pszDest
[out] Pointer to a buffer that receives the formatted, null-terminated string created from pszFormat and its arguments.
cbDest
[in] Size of the destination buffer, in bytes.This value must be sufficiently large to accommodate the final formatted string plus the terminating null character.
The maximum number of bytes allowed is STRSAFE_MAX_CCH * sizeof(TCHAR).
p pszDestEnd
[out] Address of a pointer to the end of pszDest.If ppszDestEnd is non-NULL and data is copied into the destination buffer, this points to the terminating null character at the end of the string.
pcbRemaining
[out] Pointer to a variable that indicates the number of unused bytes in pszDest, including those used for the terminating null character.If pcbRemaining is NULL, the count is not kept or returned.
dwFlags
[in] One or more of the following values.Value Description STRSAFE_FILL_BEHIND_NULL
If the function succeeds, the low byte of dwFlags (0) is used to fill the uninitialized portion of pszDest following the terminating null character.
STRSAFE_IGNORE_NULLS
Treat null string pointers like empty strings (TEXT("")).
STRSAFE_FILL_ON_FAILURE
If the function fails, the low byte of dwFlags (0) is used to fill the entire pszDest buffer, and the buffer is null-terminated.
In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string returned is overwritten.
STRSAFE_NULL_ON_FAILURE
If the function fails, pszDest is set to an empty string (TEXT("")).
In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.
STRSAFE_NO_TRUNCATION
As in the case of STRSAFE_NULL_ON_FAILURE, if the function fails, pszDest is set to an empty string (TEXT("")).
In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.
pszFormat
[in] Pointer to a buffer containing a printf-style format string.This string must be null-terminated.
- ...
[in] Arguments to be inserted into pszFormat.
Return Value
This function returns an HRESULT, as opposed to sprintf, which returns the number of bytes stored in its destination buffer.
It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.
Value | Description |
---|---|
S_OK |
There was sufficient space for the result to be copied to pszDest without truncation, and the buffer is null-terminated. |
STRSAFE_E_INVALID_PARAMETER |
The value in cbDest is 0 or larger than STRSAFE_MAX_CCH * sizeof(TCHAR), or the destination buffer is full. |
STRSAFE_E_INSUFFICIENT_BUFFER |
The copy operation failed due to insufficient buffer space. Depending on the value of dwFlags, the destination buffer might contain a truncated, null-terminated version of the intended result. Where truncation is acceptable, this is not necessarily a failure condition. |
Remarks
StringCbPrintfEx provides additional processing for proper buffer handling in your code.
Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCbPrintfEx always null-terminates a nonzero-length destination buffer.
StringCbPrintfEx can be used in its generic form, or specifically as StringCbPrintfExA (for ANSI strings) or StringCbPrintfExW (for Unicode strings). The form to use is determined by your data.
String data type | String literal | Function |
---|---|---|
char |
"string" |
StringCbPrintfExA |
TCHAR |
TEXT("string") |
StringCbPrintfEx |
WCHAR |
L"string" |
StringCbPrintfExW |
StringCbPrintfEx and its ANSI and Unicode variants are replacements for these functions:
- sprintf
- swprintf
- wsprintf
- _snprintf
- _snwprintf
If the strings pointed to by pszDest, pszFormat, or any argument strings overlap, behavior is undefined.
Neither pszFormat nor pszDest should be NULL unless the STRSAFE_IGNORE_NULLS flag is specified; in which case both might be NULL. However, an error due to insufficient space might still be returned even though null values are ignored.
Requirements
Header | strsafe.h |
Windows Embedded CE | Windows CE 5.0 and later |