none
What's the purpose of declaring a small buffer of known size on the heap? RRS feed

  • Question

  • MSDN offers this example for using wcstombs_s:

    // crt_wcstombs_s.c
    // This example converts a wide character
    // string to a multibyte character string.
    #include <stdio.h>
    #include <stdlib.h>
    #include <assert.h>
    
    #define BUFFER_SIZE 100
    
    int main( void )
    {
        size_t   i;
        char      *pMBBuffer = (char *)malloc( BUFFER_SIZE );
        wchar_t*pWCBuffer = L"Hello, world.";
    
        printf( "Convert wide-character string:\n" );
    
        // Conversion
        wcstombs_s(&i, pMBBuffer, (size_t)BUFFER_SIZE,
                   pWCBuffer, (size_t)BUFFER_SIZE );
    
        // Output
        printf("   Characters converted: %u\n", i);
        printf("    Multibyte character: %s\n\n",
         pMBBuffer );
    
        // Free multibyte character buffer
        if (pMBBuffer)
        {
        free(pMBBuffer);
        }
    }
    Why would you put the 100-byte buffer on the heap as opposed to using an array on the stack?

    Monday, November 4, 2019 3:02 AM

All replies

  • Hello,

    Thank you for posting here.

    This demo may be just an example. I tested this program with a static array and it work. Although there are many differences between static arrays and dynamic arrays, but I pass them into the function as parameters here, and the final effect is the same. So you don't need to care about this.

    Best Regards,

    Suarez Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, November 4, 2019 6:45 AM
  • The general idea is security.

    If you somehow fail to do buffer size checking on the string then you can overwrite the return address of the function you are in and get it to execute code that you somehow injected into the application. You don't have this problem with the string on the heap.

    But to be honest, if you are using C++ then std::string/std::wstring or one of the Unicode versions of those would be more preferable.


    This is a signature. Any samples given are not meant to have error checking or show best practices. They are meant to just illustrate a point. I may also give inefficient code or introduce some problems to discourage copy/paste coding. This is because the major point of my posts is to aid in the learning process.

    Monday, November 4, 2019 8:21 AM
  • Oh, I thought that's the point of using the secure functions (with the "_s" suffix).
    Monday, November 4, 2019 3:04 PM
  • Darran Rowe's observation about the risk associated with a stack-based vs. heap-based buffer overrun was insightful and informative.

    Having said that, the cynic in me suspects that the author(s) of the MS sample to demonstrate the secure "_s" version didn't have that in mind. :)

    Monday, November 4, 2019 3:15 PM
  • So then what did they have in mind?
    Monday, November 4, 2019 3:41 PM
  • Only to demonstrate how "_s" function is used.
    • Edited by RLWA32 Monday, November 4, 2019 3:44 PM
    Monday, November 4, 2019 3:43 PM
  • Sorry, I still don't understand.  When using wcstombs_s, should the allocation always be done on the heap, or is it fine to do on the stack?
    Monday, November 4, 2019 3:45 PM
  • Sorry, I still don't understand.  When using wcstombs_s, should the allocation always be done on the heap, or is it fine to do on the stack?

    Whichever suits your needs.

    I think you are giving too much significance into how the sample code was written.


    • Edited by RLWA32 Monday, November 4, 2019 3:46 PM
    Monday, November 4, 2019 3:46 PM
  • The _s functions can still happily overrun the end of the buffer if you use it wrong. The _s functions aid you in preventing buffer overruns, this doesn't mean that just by using them you will automatically eliminate all buffer overruns.

    The obvious way to get this to overrun is by providing a buffer size for the output buffer that is larger than the actual buffer. Sure you may think that with the size being constant that will never happen, but never underestimate future code changes.

    Also, don't forget that your original question was why would you do something like this, not if it was required. I only gave an observation as to why someone would choose to use the heap instead of the stack. If your question was "Is it required to use the heap to use wcstombs_s?" then you should ask that question. People can't read your mind or understand your intentions without you being specific. If you had asked that exact question then my answer would have been no, as long as the application uses a pointer to the memory buffer then the function will be happy.


    This is a signature. Any samples given are not meant to have error checking or show best practices. They are meant to just illustrate a point. I may also give inefficient code or introduce some problems to discourage copy/paste coding. This is because the major point of my posts is to aid in the learning process.

    Tuesday, November 5, 2019 1:55 AM
  • Hello,

    If your issue is solved, please "Mark as answer" or "Vote as helpful" post to the appropriate answer , so that it will help other members to find solution quickly if they faces similar issue.

    Best Regards,

    Suarez Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, November 11, 2019 7:04 AM