Why does MSVC++ consider "std::strcat" to be "unsafe"? (C++)

c++ warnings strcat strcat-s
user98188 picture user98188 · Jun 1, 2009 · Viewed 7.7k times · Source

When I try to do things like this:

char* prefix = "Sector_Data\\sector";
char* s_num = "0";
std::strcat(prefix, s_num);
std::strcat(prefix, "\\");

and so on and so forth, I get a warning

warning C4996: 'strcat': This function or variable may be unsafe. Consider using strcat_s instead.

Why is strcat considered unsafe, and is there a way to get rid of this warning without using strcat_s?

Also, if the only way to get rid of the warning is to use strcat_s, how does it work (syntax-wise: apparently it does not take two arguments).

Answer

Evan Teran picture Evan Teran · Jun 1, 2009

If you are using c++, why not avoid the whole mess and use std::string. The same example without any errors would look like this:

std::string prefix = "Sector_Data\\sector";
prefix += "0";
prefix += "\\"

no need to worry about buffer sizes and all that stuff. And if you have an API which takes a const char *, you can just use the .c_str() member;

some_c_api(prefix.c_str());

Related questions

How to use _CRT_SECURE_NO_WARNINGS

I have compile error in my simple MFC window application generated from wizard with several lines of code: error C4996: 'strncpy': This function or variable may be unsafe. Consider using strncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_…

Read More
libpng warning: iCCP: known incorrect sRGB profile

I'm trying to load a PNG image using SDL but the program doesn't work and this error appears in the console libpng warning: iCCP: known incorrect sRGB profile Why does this warning appear? What should I do to solve this …

Read More
How do I best silence a warning about unused variables?

I have a cross platform application and in a few of my functions not all the values passed to functions are utilised. Hence I get a warning from GCC telling me that there are unused variables. What would be the …

Read More