警告 C28719

  • 项目

禁止的 API 用法: 函数名称 不安全,已标记为已弃用。

此警告指示正在使用的函数已被禁止,并且具有更可靠或更安全的替换。

注解

可以在以下示例后面找到此错误涵盖的所有受禁函数的列表、禁止函数的原因以及建议的替换项。

代码分析名称:BANNED_API_USAGE

示例

下面的代码生成此警告:

void example_func(PSTR src) 
{ 
    char dst[100]; 
    strcpy(dst, src);
}

此问题源于使用不安全函数 strcpy。 如果目标缓冲区足够大,适合源数据,strcpy 不会检查。 若要解决此问题,可以使用 strcpy_s,C++11 的更安全的替代函数。 strcpy_s具有第三个参数 (目标缓冲区) 的大小,以确保仅复制多个字节。 例如,以下代码更安全:

void example_func(PSTR src) 
{ 
    char dst[100]; 
    strcpy_s(dst, sizeof(dst), src); 
}

禁止的函数

注意:此列表正在积极更新和改进

禁止的 API 替换 () 基本原理/注释
_fstrcat StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 旧版 16 位远指针实现
_fstrcpy StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 旧版 16 位远指针实现
_fstrncat StringCbCatN, StringCbCatNEx, StringCchCatN, StringCchCatNEx 旧版 16 位远指针实现
_fstrncpy strncpy, wcsncpy 旧版 16 位远指针实现
_ftccat strcat, wcscat 旧版 16 位远指针实现
_ftccpy strcpy, wcscpy 旧版 16 位远指针实现
_ftcscat strcat, wcscat 旧版 16 位远指针实现
_ftcscpy strcpy, wcscpy 旧版 16 位远指针实现
_getts StringCbGets, StringCbGetsEx, StringCchGets, StringCchGetsEx, gets_s 数据没有大小限制
_gettws gets_s 数据没有大小限制
_getws _getws_s 数据没有大小限制
_mbccat strcat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, strlcat 数据没有大小限制
_makepath _makepath_s 数据没有大小限制
_mbscat _mbscat_s
_snprintf _snprintf_s 不为 NULL 终止
_sntprintf StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 不为 NULL 终止
_sntscanf _snscanf_s 无最大长度
_snwprintf _snwprintf_s, StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 不为 NULL 终止
_splitpath _splitpath_s 无边界检查
_stprintf StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 有限错误检测
_stscanf sscanf_s (需要更改格式字符串) 无边界检查
_tccat strcat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, strlcat 无边界检查
_tccpy strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy 无边界检查
_tcscat StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
_tcscpy StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 有限错误检测
_tcsncat StringCbLength, StringCchLength, UnalignedStringCbLength, UnalignedStringCchLength 无最大长度
_tcsncpy StringCbCopyN, StringCbCopyNEx, StringCchCopyN, StringCchCopyNEx 有限错误检测
_tmakepath _makepath_s 无边界检查
_tscanf scanf_s 无边界检查输出
_tsplitpath splitpath_s, wsplitpath_s 无边界检查
_vsnprintf _vsnprintf_s, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 有限错误检测
_vsntprintf StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 有限错误检测
_vsnwprintf _vsnwprintf_s, StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx 有限错误检测
_vstprintf StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrinfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无最大长度
_wmakepath _wmakepath_s 无边界检查
_wsplitpath _wsplitpath_s 无边界检查
OemToCharW WideCharToMultiByte 无边界检查
StrCat StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
StrCatA StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
StrCatBuff StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 无 NULL 终止
StrCatBuffA StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 无 NULL 终止
StrCatBuffW StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 无 NULL 终止
StrCatChainW StringCbCatEx, StringCbCatNEx, StringCchCatEx, StringCchCatNEx 无 NULL 终止
StrCatN StringCbCat, StringCbCatEx, StringCbCatN, StringCbCatNEx, StringCchCat, StringCchCatEx, StringCchCatN, StringCchCatNEx 无边界检查
StrCatNA StringCbCat, StringCbCatEx, StringCbCatN, StringCbCatNEx, StringCchCat, StringCchCatEx, StringCchCatN, StringCchCatNEx 无边界检查
StrCatNW StringCbCat, StringCbCatEx, StringCbCatN, StringCbCatNEx, StringCchCat, StringCchCatEx, StringCchCatN, StringCchCatNEx 无边界检查
StrCatW StringCbCat, StringCbCatEx, StringCbCatN, StringCbCatNEx, StringCchCat, StringCchCatEx, StringCchCatN, StringCchCatNEx 无边界检查
StrCpy StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
StrCpyA StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
StrCpyN StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 不为 NULL 终止
StrCpyNA StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 不为 NULL 终止
StrCpyNW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 有限错误检查
strcpyW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
StrCpyW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
StrNCat StringCbCatN, StringCbCatNEx, StringCchCatN, StringCchCatNEx 有限错误检测
StrNCatA StringCbCatN, StringCbCatNEx, StringCchCatN, StringCchCatNEx 有限错误检测
StrNCatW StringCbCatN, StringCbCatNEx, StringCchCatN, StringCchCatNEx 有限错误检测
StrNCpy StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 不为 NULL 终止
StrNCpyA StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 不为 NULL 终止
StrNCpyW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 不为 NULL 终止
gets gets_s, fgets, StringCbGets, StringCbGetsEx, StringCchGets, StringCchGetsEx 有限错误检测;C11 标准已弃用
lstrcat StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcatA StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcatn StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcatnA StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcatnW StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcatW StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
lstrcpy StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
lstrcpyA StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
lstrcpyn StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 有限错误检测
lstrcpynA StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 有限错误检测
lstrcpynW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
lstrcpyW StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx 无边界检查
snscanf sscanf_s 无边界检查
snwscanf swscanf_s 无边界检查
sprintf sprintf_s 有限错误检测
sprintfA sprintf_s 无边界检查
sprintfW swprintf_s 无边界检查
lstrncat StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx 有限错误检测
makepath
nsprintf sprintf_s 无错误检测或边界检查
strcat strcat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, strlcat 有限的错误检测
strcatA strcat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, strlcat 有限的错误检测
strcatW strcat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, strlcat 有限的错误检测
strcpy strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy 无边界检查
strcpyA strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy 无边界检查
strncat strncat_s, StringCbCatN, StringCbCatNEx, StringCchCatN, StringCchCatNEx, strlcat 有限的错误检测
strncpy strncpy_s, StringCbCopyN, StringCbCopyNEx, StringCchCopyN, StringCchCopyNEx, strlcpy 有限的错误检测
swprintf swprintf_sStringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintf, StringCbPrintfEx 有限的错误检测
ualstrcpyW strcpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, strlcpy 无边界检查
vsnprintf vsnprintf_s, StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 有限的错误检测
vsprintf vsprintf_s, StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx, vasprintf 有限的错误检测
vswprintf vswprintf_s
wcscat wcscat_s, StringCbCat, StringCbCatEx, StringCchCat, StringCchCatEx, wcslcat 有限的错误检测
wcscpy wcscpy_s, StringCbCopy, StringCbCopyEx, StringCchCopy, StringCchCopyEx, wcslcpy 无边界检查
wcsncat wcsncat_s, wcslcat 有限的错误检测
wcsncpy wcsncpy_s, StringCbCopyN, StringCbCopyNEx, StringCchCopyN, StringCchCopyNEx, wcslcpy 有限的错误检测
wnsprintf StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 无 NULL 终止
wnsprintfA StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 无 NULL 终止
wsprintf StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 无 NULL 终止
wsprintfA StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 无 NULL 终止
wsprintfW StringCbPrintf, StringCbPrintf_l, StringCbPrintf_lEx, StringCbPrintfEx, StringCchPrintf, StringCchPrintfEx 无 NULL 终止
wvnsprintf StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止
wvnsprintfA StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止
wvnsprintfW StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止
wvsprintf StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止
wvsprintfA StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止
wvsprintfW StringCbVPrintf, StringCbVPrintf_l, StringCbVPrintf_lEx, StringCbVPrintfEx, StringCchVPrintf, StringCchVPrintf_l, StringCchVPrintf_lEx, StringCchVPrintfEx 无 NULL 终止