StringCbCopyEx (Windows CE 5.0)

Send Feedback

Developing an Application > Safe String Functions > Safe String Reference > StrSafe.h Byte-Count Functions

This function is a replacement for strcpy.

The size, in bytes, of the destination buffer is provided to the function to ensure that StringCbCopyEx does not write past the end of this buffer.

StringCbCopyEx adds to the functionality of StringCbCopy by returning a pointer to the end of the destination string, and by returning the number of bytes left unused in that string.

Flags can also be passed to the function for additional control.

HRESULT StringCbCopyEx(          LPTSTR pszDest,
    size_t cbDest,
    LPCTSTR pszSrc,
    LPTSTR *ppszDestEnd,
    size_t *pcbRemaining,
    DWORD dwFlags);

Parameters

• pszDest
  [out] Pointer to a buffer that receives the copied string.

• cbDest
  [in] Size of the destination buffer, in bytes.

  This value must consider the length of pszSrc plus the terminating null character.

  The maximum number of bytes allowed is STRSAFE_MAX_CCH * sizeof(TCHAR).

• pszSrc
  [in] Pointer to a buffer containing the source string.

  This source string must be null-terminated.

• ppszDestEnd
  [out] Address of a pointer to the end of pszDest.

  If ppszDestEnd is non-NULL and data is copied into the destination buffer, this points to the terminating null character at the end of the string.

• pcbRemaining
  [out] Pointer to a variable that indicates the number of unused bytes in pszDest, including those used for the terminating null character.

  If pcbRemaining is NULL, the count is not kept or returned.

• dwFlags
  [in] One or more of the following values.

  Value	Description
  STRSAFE_FILL_BEHIND_NULL	If the function succeeds, the low byte of dwFlags (0) is used to fill the uninitialized portion of pszDest following the terminating null character.
  STRSAFE_IGNORE_NULLS	Treat null string pointers like empty strings (TEXT("")). This flag is useful for emulating functions such as lstrcpy.
  STRSAFE_FILL_ON_FAILURE	If the function fails, the low byte of dwFlags (0) is used to fill the entire pszDest buffer, and the buffer is null-terminated. In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string returned is overwritten.
  STRSAFE_NULL_ON_FAILURE	If the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.
  STRSAFE_NO_TRUNCATION	As in the case of STRSAFE_NULL_ON_FAILURE, if the function fails, pszDest is set to an empty string (TEXT("")). In the case of a STRSAFE_E_INSUFFICIENT_BUFFER failure, any truncated string is overwritten.

Return Value

This function returns an HRESULT, as opposed to strcpy, which returns a pointer.

It is strongly recommended that you use the SUCCEEDED and FAILED macros to test the return value of this function.

Remarks

StringCbCopyEx provides additional processing for proper buffer handling in your code.

Poor buffer handling is implicated in many security issues that involve buffer overruns. StringCbCopyEx always null-terminates a nonzero-length destination buffer.

StringCbCopyEx can be used in its generic form, or specifically as StringCbCopyExA (for ANSI strings) or StringCbCopyExW (for Unicode strings). The form to use is determined by your data.

StringCbCopyEx and its ANSI and Unicode variants are replacements for these functions:

• strcpy
• wcscpy

Behavior is undefined if the strings pointed to by pszSrc and pszDest overlap.

Neither pszSrc nor pszDest should be NULL unless the STRSAFE_IGNORE_NULLS flag is specified; in which case both might be NULL.

However, an error due to insufficient space might still be returned even though null values are ignored.

Requirements

OS Versions: Windows CE 5.0 and later.
Header: strsafe.h.
Link Library: strsafe.lib.

See Also

StringCbCopy | StringCchCopyEx

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.