#1
|
|||
|
|||
strcpy in MT apps leaks memory?
I was at an interview last friday for a CPP job.
The guy conducting the interview asked me how proficient I was with MSVC. He then later asked me about what problems are there when using strcpy in a MT (Multi-Threaded) app? I said none, it can be used as nomal. He said no, strcpy produces memory leaks when used in a MT app and he claimed that MS recommends using the Win32 API StrCpy instead of the STDC strcpy function. He said MS did this on purpose to force devs to use the Win32 equivalent. Is this true for MSVC6? Is there any way for me to verify this accurately in MSVC 7.1? |
#2
|
|||
|
|||
No, he wrong 100%. strcpy and StrCpy (in ShlWApi.dll) did not have any problems in Multithread or Single Thread mode. They are only a rep movsd or rep stosd, and do not allocate or free any memory. It is same for RtlMoveMemory in NTDLL.dll. You can view the source code of strcpy in your VC crt\src folder.
TQN |
#3
|
|||
|
|||
Then it would appear that it was the interviewer's memory which was "leaking."
Regards,
__________________
JMI |
#4
|
|||
|
|||
the StrCpyW i have in shlwapi.dll is indeed a very simple memory copy until 0 (not really a rep movsd as said above, but something like it). and actually, i can't imagine a way why a memoryleak would ever occur in such a function. strange hoax, imho.
|
#5
|
|||
|
|||
This is what MS says about StrCpy:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/shellcc/platform/shell/reference/shlwapi/string/strcpy.asp Security Alert Using this function incorrectly can compromise the security of your application. The first argument, psz1, must be large enough to hold psz2 and the closing '\0', otherwise a buffer overrun may occur. Buffer overruns may lead to a denial of service attack against the application if an access violation occurs. In the worst case, a buffer overrun may allow an attacker to inject executable code into your process, especially if psz1 is a stack-based buffer. Consider using one of the following alternatives: StringCbCopy, StringCbCopyEx, StringCbCopyN, StringCbCopyNEx, StringCchCopy, StringCchCopyEx, StringCchCopyN, or StringCchCopyNEx. You should review Security Considerations: Microsoft Windows Shell before continuing. |
#6
|
|||
|
|||
In my opinion it's a retarded question for an interview anyway and you're probably better off not working for them. They should rather test your skill at coding than ask superfluous questions. I reckon the interviewer just has a big ego and his head stuck up his ass
|
#7
|
|||
|
|||
also his "conspiracy theory" that it would have been done to force people use the api version shows that you are better off if you didn't get the job
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Armadilled apps | Annibal | General Discussion | 12 | 02-10-2005 23:29 |