Solved

VS2005 C runtime and _set_invalid_parameter_handler

Posted on 2006-11-08
4
1,455 Views
Last Modified: 2012-06-27
VS2005's C runtime has security enhancements that catch problems at runtime with functions like:

strcpy_s

there is a mechanism to setup _invalid_parameter_handler using the _setup_invalid_parameter_handler function.  If a runtime event happens the handler gets called.  Ok, that's good.

But when this happens (in the field as always) there does not seem to be any way to relate this back to the source.  You get line number information but it's from the source of strcpy_s and not my code that calls strcpy_s.

How can such an error be referenced back to a source code line that I've written?
0
Comment
Question by:jhance
  • 2
4 Comments
 
LVL 12

Expert Comment

by:rajeev_devin
ID: 17897314
0
 
LVL 32

Author Comment

by:jhance
ID: 17897716
rajeev,

I read through the comments at the link you referenced, but I don't see the connection to my question...
0
 
LVL 39

Accepted Solution

by:
itsmeandnobodyelse earned 500 total points
ID: 17898171
>>>> How can such an error be referenced back to a source code line that I've written?

Don't see a way to do so by using standard means. The call stack is only available in debug mode.

If you don't mind to take some efforts and are not afraid of using macros you might call wrapper functions instead of the original secure functions like that:

#define STRCPY_S(dest, siz, src) mystrcpy_s(__FILE__, __LINE__, dest, siz, src)

errno_t mystrcpy_s(const char srcfile[], int lineNo,
                   char *strDestination, size_t sizeInBytes, const char *strSource)
{
    Global::g_strLastSrcFile   = srcfile;
    Global::g_strLastLineNo    = lineNo;
    Global::g_strLastFunction  = "strcpy_s";
    return strcpy_s( strDestination, sizeInBytes, strSource);
}

These 'global' variables may be static members of a class Global or global variables in a namespace.

If doing so for all 'secure' runtime functions you could evaluate that information in your invalisd parameter handler.

Regards, Alex
 
0
 
LVL 32

Author Comment

by:jhance
ID: 17933878
I was hoping for something cleaner but it seems this is the best there is...

Thanks...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IntroductionThis article is the second in a three part article series on the Visual Studio 2008 Debugger.  It provides tips in setting and using breakpoints. If not familiar with this debugger, you can find a basic introduction in the EE article loc…
C++ Properties One feature missing from standard C++ that you will find in many other Object Oriented Programming languages is something called a Property (http://www.experts-exchange.com/Programming/Languages/CPP/A_3912-Object-Properties-in-C.ht…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now