Expand Minimize

StringCbPrintf function

Writes formatted data to the specified string. The size of the destination buffer is provided to the function to ensure that it does not write past the end of this buffer.

StringCbPrintf is a replacement for the following functions:

Syntax


HRESULT StringCbPrintf(
  _Out_  LPTSTR pszDest,
  _In_   size_t cbDest,
  _In_   LPCTSTR pszFormat,
  _In_    ...
);

Parameters

pszDest [out]

Type: LPTSTR

The destination buffer, which receives the formatted, null-terminated string created from pszFormat and its arguments.

cbDest [in]

Type: size_t

The size of the destination buffer, in bytes. This value must be sufficiently large to accommodate the final formatted string plus the terminating null character. The maximum number of bytes allowed is STRSAFE_MAX_CCH * sizeof(TCHAR).

pszFormat [in]

Type: LPCTSTR

The format string. This string must be null-terminated.

... [in]

The arguments to be inserted into the pszFormat string.

Return value

Type: HRESULT

This function can return one of the following values. It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.

Return codeDescription
S_OK

There was sufficient space for the result to be copied to pszDest without truncation, and the buffer is null-terminated.

STRSAFE_E_INVALID_PARAMETER

The value in cbDest is either 0 or larger than STRSAFE_MAX_CCH * sizeof(TCHAR).

STRSAFE_E_INSUFFICIENT_BUFFER

The copy operation failed due to insufficient buffer space. The destination buffer contains a truncated, null-terminated version of the intended result. In situations where truncation is acceptable, this may not necessarily be seen as a failure condition.

 

Note that this function returns an HRESULT value, unlike the functions that it replaces.

Remarks

Compared to the functions it replaces, StringCbPrintf provides additional processing for proper buffer handling in your code. Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCbPrintf always null-terminates a nonzero-length destination buffer.

Behavior is undefined if the strings pointed to by pszDest, pszFormat, or any argument strings overlap.

Neither pszFormat nor pszDest should be NULL. See StringCbPrintfEx if you require the handling of null string pointer values.

StringCbPrintf can be used in its generic form, or in its more specific forms. The data type of the string determines the form of this function that you should use.

String Data TypeString LiteralFunction
char"string"StringCbPrintfA
TCHARTEXT("string")StringCbPrintf
WCHARL"string"StringCbPrintfW

 

Examples

The following example shows a basic use of StringCbPrintf, using four arguments.


int const arraysize = 30;
TCHAR pszDest[arraysize]; 
size_t cbDest = arraysize * sizeof(TCHAR);

LPCTSTR pszFormat = TEXT("%s %d + %d = %d.");
TCHAR* pszTxt = TEXT("The answer is");

HRESULT hr = StringCbPrintf(pszDest, cbDest, pszFormat, pszTxt, 1, 2, 3);

// The resultant string at pszDest is "The answer is 1 + 2 = 3."

Requirements

Minimum supported client

Windows XP with SP2 [desktop apps | Windows Store apps]

Minimum supported server

Windows Server 2003 with SP1 [desktop apps | Windows Store apps]

Header

Strsafe.h

Unicode and ANSI names

StringCbPrintfW (Unicode) and StringCbPrintfA (ANSI)

See also

Reference
StringCchPrintf
StringCbPrintfEx
StringCbVPrintf

 

 

Community Additions

ADD
Show:
© 2014 Microsoft