
strdup() calls redundant strcpy_s() by Dmitry Me



Type: Bug
ID: 763702
Opened: 9/20/2012 1:08:35 AM
Access Restriction: Public
User(s) can reproduce this bug


I have this code:


that I compile and run and get to disassembly. Here's how strdup() works inside:

73:     size = strlen(string) + 1;
78AC5BAC push        dword ptr [ebp+8]
78AC5BAF call        strlen (78AA2900h)
78AC5BB4 lea         esi,[eax+1]
    74: #ifdef _DEBUG
    75:         if (memory = _malloc_dbg(size, nBlockUse, szFileName, nLine))
    76: #else /* _DEBUG */
    77:         if (memory = malloc(size))
78AC5BB7 push        esi
78AC5BB8 call        malloc (78AB0233h)
78AC5BBD mov         edi,eax
78AC5BBF pop         ecx
78AC5BC0 pop         ecx
78AC5BC1 cmp         edi,ebx
78AC5BC3 je         $LN12 (78AC5BE1h)
    78: #endif /* _DEBUG */
    79:         {
    80:                 _ERRCHECK(strcpy_s(memory, size, string));
78AC5BC5 push        dword ptr [ebp+8]
78AC5BC8 push        esi
78AC5BC9 push        edi
78AC5BCA call        strcpy_s (78AB48B4h)

See, it first computes the string length with strlen() to find how much memory to allocate, then calls malloc() and then calls strcpy_s(). Using strcpy_s() means it will always be a bytewise copy, always starting from the start of the string, and each iteration will check that the copied character is nonzero and there's enough space in the destination. This is all cool, but redundant here, because you know for sure that there's enough space in the destination and you know exactly how many characters to copy. Here memcpy() should be used, which can copy not only bytewise but also in bigger chunks, and it can copy starting from the end of the string if that happens to be faster.
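The two copy strategies contrasted in the report, as an added example that is not part of the original report and is not the Visual C++ runtime source. The names dup_checked, dup_memcpy and dups_agree are hypothetical, and bounded_copy is a hand-written stand-in for strcpy_s() so the code builds on any C99 compiler.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for strcpy_s(): bytewise copy that tests the
 * terminator and the remaining space on every iteration. 0 = success. */
static int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return 1;
    for (size_t i = 0; i < dst_size; i++) {
        dst[i] = src[i];
        if (src[i] == '\0')
            return 0;
    }
    dst[0] = '\0';               /* did not fit: leave an empty string */
    return 1;
}

/* Shape of the routine in the report: strlen, malloc, checked copy. */
char *dup_checked(const char *s)
{
    size_t size = strlen(s) + 1;
    char *p = malloc(size);
    if (p != NULL && bounded_copy(p, size, s) != 0) {
        free(p);
        return NULL;
    }
    return p;
}

/* Proposed variant: size is already known, so copy exactly that many bytes. */
char *dup_memcpy(const char *s)
{
    size_t size = strlen(s) + 1; /* terminator included */
    char *p = malloc(size);
    if (p != NULL)
        memcpy(p, s, size);
    return p;
}

/* Returns 1 when both variants yield identical, terminated copies of s. */
int dups_agree(const char *s)
{
    char *a = dup_checked(s), *b = dup_memcpy(s);
    int ok = a && b && strcmp(a, s) == 0 && memcmp(a, b, strlen(s) + 1) == 0;
    free(a); free(b);
    return ok;
}
```

The memcpy variant stays within the allocation only because the byte count passed to memcpy is the same value passed to malloc; if the two were computed separately, the per-byte check in the first variant would no longer be redundant.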
Posted by Microsoft on 1/25/2013 at 1:54 PM

Thanks for reporting this issue. Due to other higher priority work-items however, we have decided not to address this issue in the next release of the product. We will keep it in our database for future consideration.

Thank you,
Visual C++ Team
Posted by Microsoft on 9/20/2012 at 2:49 AM
Thanks for your quick response. We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow up with your issue.
Posted by Dmitry Me on 9/20/2012 at 2:42 AM
Even better, you could open strdup.c in the Visual C++ runtime library sources - the function is implemented there.
Posted by Dmitry Me on 9/20/2012 at 2:36 AM
No problem, create a new C++ "Console application" using Visual Studio project template and change its main to be

int _tmain(int /*argc*/, _TCHAR* /*argv[]*/)
Posted by Microsoft on 9/20/2012 at 2:21 AM
Thank you for submitting feedback on Visual Studio and .NET Framework. In order to efficiently investigate and reproduce this issue, we are requesting additional information outlined below.

Could you please give us a demo project to demonstrate this issue so that we can conduct further research?

Please submit this information to us within 4 business days. We look forward to hearing from you with this information.

Microsoft Visual Studio Connect Support Team
Posted by Microsoft on 9/20/2012 at 1:50 AM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly (http://support.microsoft.com).