My apologies to Steve Maguire for "borrowing" a title. I constantly see code, examples, and advice that perpetuate unsafe coding practices. As programmers we have the habit of getting something to a "working" state and calling it "done". This is especially true in processes that have no real architecture or design phases. Over the years, as a society, programmers have begun to realize some of the obvious flaws and have been perpetuating practices and code checkers to avoid such flaws. But there's still the mentality of "but it works [in my limited tests], how could it be wrong". For example, … Continue reading Writing Solid Code
Whatever Happened to sprintf(…, "%n", …)?
Strsafe.h: Safer String Handling in C
Security Enhancements in the CRT

Many third-party libraries model their APIs on the ANSI C/C++ libraries, which introduces the possibility of buffer overruns. Is using an ANSI C++ library/compiler a good thing anymore?
It has always astounded me that the CBitmap class never implemented saving to a file. Here's a nice and tidy way:

    #include <atlimage.h>
    #include <Gdiplusimaging.h>
    //…
    CBitmap bitmap;
    bitmap.CreateBitmap(width, height, 1, 32, rgbData);  // 1 plane, 32 bits per pixel
    CImage image;
    image.Attach(bitmap);   // CImage now wraps the same HBITMAP that CBitmap owns
    image.Save(_T("C:\\test.bmp"), Gdiplus::ImageFormatBMP);
    image.Detach();         // release the handle so only CBitmap deletes it