C6057

Article
02/04/2013

warning C6057: buffer overrun due to number of characters/number of bytes mismatch in call to <function>

This warning indicates that a function that expects the number of characters is being passed the number of bytes instead. With wide (Unicode) characters, the values are different. This defect might cause an exploitable buffer overrun or crash.

A common cause of this defect is using sizeof on a character array. The sizeof operator always computes the number of bytes; for ANSI characters this is the same as the number of characters, but for Unicode characters it is twice the number of characters.

It is usually safe to compute the number of elements in an array by dividing the size of the array by the size of each element.

Example

The following code generates this warning if it is compiled using the Unicode character set:

#include<tchar.h>
#include<windows.h>

void f( HINSTANCE hInst, UINT uID )
{
  TCHAR buff[128];
  if ( LoadString ( hInst, uID, buff, sizeof buff ) ) // warning C6057
  {
    // code...
  }
}

To correct this warning, divide the size of the array by the size of the element as shown in the following code:

#include<tchar.h>
#include<windows.h>

void f(HINSTANCE hInst,UINT uID)
{
  TCHAR buff[128];
  if( LoadString ( hInst, uID, buff, (sizeof buff)/(sizeof buff[0]) ) )
  {
    // code...
  }
}

For information about how to use Unicode character set in Visual C++, see General Property Page (Project). For more information about LoadString, see LoadString Function

C6057

Example

Additional resources