Visual C++ CRT build error(C4996) issue
2015/10/09
Hi everyone!
In this article, I’d like to talk about Visual C++ CRT build error(C4996). The build error occurs when we use C runtime library(CRT). I always use _CRT_SECURE_NO_WARNINGS macro for the issue.
At first, I made a VC++ project on visual studio community 2013 as follows.
Templates -> Visual C++ -> Win32 -> Win32 Console Application
Build and run. it just do nothing.
Next, I added include and function calls. And build.
// ConsoleApplication1.cpp : Defines the entry point for the console application. // #include "stdafx.h" #include <stdio.h> #include <string.h> int _tmain(int argc, _TCHAR* argv[]) { char str[10]; strcpy(str, "hello!"); printf("%s", str); return 0; }
A build error occurred as follows.
error C4996: ‘strcpy’: This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
What should we do? The link below is MSDN about this issue.
Security Features in the CRT
using _s functions
We can use strcpy_s instead of strcpy.
strcpy_s(str, “hello!”);
The function strcpy_s is more secure version. So we should use strcpy_s instead of strcpy.
It is certainly so.
But, if we have open source library source, we have to update the source. It needs time to update. Or I think that when we start to study C language programing, we use without _s functions.
_CRT_SECURE_NO_WARNINGS
I always define _CRT_SECURE_NO_WARNINGS to use old CRT functions. There are some ways to define. I always insert the definition in stdafx.h as follows.
#pragma once #define _CRT_SECURE_NO_WARNINGS 1 // <--- this line #include "targetver.h" #include <stdio.h> #include <tchar.h>
After that we can use unsafe CRT functions. But we should remember that the security issues still exist.