Bagikan melalui


C6054

warning C6054: string <variable> may not be zero-terminated

This warning indicates that a function that requires zero-terminated string was passed a non-zero terminated string. A function that expects a zero-terminated string will go beyond the end of the buffer to look for the zero. This defect might cause an exploitable buffer overrun error or crash. The program should make sure that the string ends with a zero.

Example

The following code generates this warning:

#include<codeanalysis\sourceannotations.h>
using namespace vc_attributes;

void f ([Pre(NullTerminated=Yes)] wchar_t* v);

void g ( )
{
   wchar_t v[200];
   f(v); // C6054 - v is not "null-terminated" before the call to f
}

To correct this warning, null-terminate v before calling function f as shown in the following sample code:

void g( )
{
  wchar_t v[200]; 
  v[0]= '\0';
  f(v);
}

See Also

Concepts

Annotation Overview

Reference

C6053

NullTerminated