If this is an effort to port Unix standard C code to Windows, I'm afraid you have a *lot* more bumps on the road ahead. This one (as has been pointed out) is not a security problem, as there is an snprintf (and strncat) available, just with a mangled name.

I'd argue that the Win32 C API is actually a bit better than the standard C Unix calls. Redmond didn't invent strcat, gets, strtok, ctime, sort, or any of that junk. They mostly support them, because they have to, but there are usually "native" equivalents that are more secure/safe. On the other hand, parts of the Win32 API have a significant reliance on LPVOID pointers to structures, which prevents the compiler from being able to detect a lot of type safety problems.

My advice is to recognize you aren't in Kansas anymore. Simple Unix C code will port cleanly if you watch for _snprintf type issues and deal with them in a cross-platform header. Complex code with GUIs, pipes, shared memory, threads, etc., are MUCH harder and can justify the investment in a RogueWave or ACE type library system.

Get your free encrypted email at https://www.hushmail.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]