StringCchCopyNEx function

Copies the specified number of characters from one string to another. The size of the destination buffer is provided to the function to ensure that it does not write past the end of this buffer.

StringCchCopyNEx adds to the functionality of StringCchCopyN by returning a pointer to the end of the destination string as well as the number of characters left unused in that string. Flags may also be passed to the function for additional control.

StringCchCopyNEx is a replacement for the following functions:


HRESULT StringCchCopyNEx(
  _Out_     LPTSTR  pszDest,
  _In_      size_t  cchDest,
  _In_      LPCTSTR pszSrc,
  _In_      size_t  cchSrc,
  _Out_opt_ LPTSTR  *ppszDestEnd,
  _Out_opt_ size_t  *pcchRemaining,
  _In_      DWORD   dwFlags


pszDest [out]


The destination buffer, which receives the copied string.

cchDest [in]

Type: size_t

The size of pszDest, in characters. This value must be at least large enough to hold the copied characters (the length of pszSrc or the value of cchSrc, whichever is smaller) plus 1 to account for the terminating null character. The maximum number of characters allowed is STRSAFE_MAX_CCH.

pszSrc [in]


The source string. TThis string must be readable up to cchSrc characters or a null terminator, whichever comes first.

cchSrc [in]

Type: size_t

The maximum number of characters to be copied from pszSrc to pszDest.

ppszDestEnd [out, optional]


The address of a pointer to the end of pszDest. If ppszDestEnd is non-NULL and any data is copied into the destination buffer, this points to the terminating null character at the end of the string.

pcchRemaining [out, optional]

Type: size_t*

The number of unused characters in pszDest, including the terminating null character. If pcchRemaining is NULL, the count is not kept or returned.

dwFlags [in]


One or more of the following values.


If the function succeeds, the low byte of dwFlags (0) is used to fill the uninitialized portion of pszDest following the terminating null character.


Treat NULL string pointers like empty strings (TEXT("")).


If the function fails, the low byte of dwFlags (0) is used to fill the entire pszDest buffer, and the buffer is null-terminated. In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string returned is overwritten.


If the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.


As in the case of STRSAFE_NULL_ON_FAILURE, if the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.


Return value


This function can return one of the following values. It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.

Return codeDescription

Source data was present, fully copied without truncation, and the resultant destination buffer is null-terminated.


Either pszDest or pszSrc is greater than STRSAFE_MAX_CCH, pszDest is NULL when there is source data present to copy, or an invalid flag was passed.


The copy operation failed due to insufficient buffer space. Depending on the value of dwFlags, the destination buffer may contain a truncated, null-terminated version of the intended result. In situations where truncation is acceptable, this may not necessarily be seen as a failure condition.


Note that this function returns an HRESULT value, unlike the functions that it replaces.


StringCchCopyNEx provides additional processing for proper buffer handling in your code. Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCchCopyNEx always null-terminates and never overflows a valid destination buffer, even if the contents of the source string change during the operation.

While this routine is meant as a replacement for strncpy, there are differences in behavior. If cchSrc is larger than the number of characters in pszSrc, StringCchCopyNEx—unlike strncpy—does not continue to pad pszDest with null characters until cchSrc characters have been copied.

Behavior is undefined if the strings pointed to by pszSrc and pszDest overlap.

Neither pszSrc nor pszDest should be NULL unless the STRSAFE_IGNORE_NULLS flag is specified, in which case both may be NULL. However, an error due to insufficient space may still be returned even though NULL values are ignored.

StringCchCopyNEx can be used in its generic form, or in its more specific forms. The data type of the string determines the form of this function that you should use, as shown in the following table.

String Data TypeString LiteralFunction



Minimum supported client

Windows XP with SP2 [desktop apps | UWP apps]

Minimum supported server

Windows Server 2003 with SP1 [desktop apps | UWP apps]



Unicode and ANSI names

StringCchCopyNExW (Unicode) and StringCchCopyNExA (ANSI)

See also