warning C28750: Banned usage of lstrlen and its variants
This warning indicates that a function is being used that has been banned, and has better replacements.
The lstrlen function and related variations fail to transmit exceptions that occur during operation. This can cause error conditions to happen much later, potentially on a different thread, making the error conditions harder to diagnose. In addition, equivalent substitute functions can be optimized by the compiler, and avoid the performance overhead of exception handlers (_try and _except blocks).
The lstrlen function and its variants are banned because they fail to transmit exceptions. The correct mitigation is to convert them to another string length function (usually strlen, wcslen, _tcslen). However, while you review the lstrlen changes, you should confirm that the string buffer is coming from trusted code. If you are dealing with untrusted data, you should instead switch from the strlen family of functions to the strnlen family (or StringCchLength family), which will ensure they don't go past the bounds of the untrusted data block.
Unlike lstrlen, none of the replacements catch exceptions. In addition, lstrlen allows NULL pointers, so if NULL pointers are possible at that point in the code, an explicit NULL check is required when replacing lstrlen with strlen or strnlen.
Trusted data replacement options: _tcslen
Untrusted data replacement: _tcsnlen, StringCchLength
Trusted data replacement options: strlen
Untrusted data replacement: strnlen, StringCchLengthA
Trusted data replacement options: wcslen
Untrusted data replacement: wcsnlen, StringCchLengthW
Build date: 11/16/2013