Export (0) Print
Expand All

StringCbCopyEx function

Copies one string to another. The size of the destination buffer is provided to the function to ensure that it does not write past the end of this buffer.

StringCbCopyEx adds to the functionality of StringCbCopy by returning a pointer to the end of the destination string as well as the number of bytes left unused in that string. Flags may also be passed to the function for additional control.

StringCbCopyEx is a replacement for the following functions:

Syntax


HRESULT StringCbCopyEx(
  _Out_      LPTSTR pszDest,
  _In_       size_t cbDest,
  _In_       LPCTSTR pszSrc,
  _Out_opt_  LPTSTR *ppszDestEnd,
  _Out_opt_  size_t *pcbRemaining,
  _In_       DWORD dwFlags
);

Parameters

pszDest [out]

Type: LPTSTR

The destination buffer, which receives the copied string.

cbDest [in]

Type: size_t

The size of the destination buffer, in bytes. This value must consider the length of pszSrc plus the terminating null character. The maximum number of bytes allowed is STRSAFE_MAX_CCH * sizeof(TCHAR).

pszSrc [in]

Type: LPCTSTR

The source string. This string must be null-terminated.

ppszDestEnd [out, optional]

Type: LPTSTR*

The address of a pointer to the end of pszDest. If ppszDestEnd is non-NULL and any data is copied into the destination buffer, this points to the terminating null character at the end of the string.

pcbRemaining [out, optional]

Type: size_t*

The number of unused bytes in pszDest, including those used for the terminating null character. If pcbRemaining is NULL, the count is not kept or returned.

dwFlags [in]

Type: DWORD

One or more of the following values.

ValueMeaning
STRSAFE_FILL_BEHIND_NULL
0x00000200

If the function succeeds, the low byte of dwFlags (0) is used to fill the uninitialized portion of pszDest following the terminating null character.

STRSAFE_IGNORE_NULLS
0x00000100

Treat NULL string pointers like empty strings (TEXT("")). This flag is useful for emulating functions such as lstrcpy.

STRSAFE_FILL_ON_FAILURE
0x00000400

If the function fails, the low byte of dwFlags (0) is used to fill the entire pszDest buffer, and the buffer is null-terminated. In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string returned is overwritten.

STRSAFE_NULL_ON_FAILURE
0x00000800

If the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.

STRSAFE_NO_TRUNCATION
0x00001000

As in the case of STRSAFE_NULL_ON_FAILURE, if the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.

 

Return value

Type: HRESULT

This function can return one of the following values. It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.

Return codeDescription
S_OK

Source data was present, fully copied without truncation, and the resultant destination buffer is null-terminated.

STRSAFE_E_INVALID_PARAMETER

Either pszDest is NULL when there is source data present to copy, or an invalid flag was passed.

STRSAFE_E_INSUFFICIENT_BUFFER

The copy operation failed due to insufficient buffer space. Depending on the value of dwFlags, the destination buffer may contain a truncated, null-terminated version of the intended result. In situations where truncation is acceptable, this may not necessarily be seen as a failure condition.

 

Note that this function returns an HRESULT value, unlike the functions that it replaces.

Remarks

Compared to the functions it replaces, StringCbCopyEx provides additional processing for proper buffer handling in your code. Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCbCopyEx always null-terminates and never overflows a valid destination buffer, even if the contents of the source string change during the operation.

Behavior is undefined if the strings pointed to by pszSrc and pszDest overlap.

Neither pszSrc nor pszDest should be NULL unless the STRSAFE_IGNORE_NULLS flag is specified, in which case both may be NULL. However, an error due to insufficient space may still be returned even though NULL values are ignored.

StringCbCopyEx can be used in its generic form, or in its more specific forms. The data type of the string determines the form of this function that you should use.

String Data TypeString LiteralFunction
char"string"StringCbCopyExA
TCHARTEXT("string")StringCbCopyEx
WCHARL"string"StringCbCopyExW

 

Requirements

Minimum supported client

Windows XP with SP2 [desktop apps | Windows Store apps]

Minimum supported server

Windows Server 2003 with SP1 [desktop apps | Windows Store apps]

Header

Strsafe.h

Unicode and ANSI names

StringCbCopyExW (Unicode) and StringCbCopyExA (ANSI)

See also

Reference
StringCbCopy
StringCchCopyEx

 

 

Community Additions

ADD
Show:
© 2014 Microsoft