Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compiler warnings - sscanf - function or variable may be unsafe #17

Open
pappde opened this issue Mar 2, 2021 · 5 comments
Open

Compiler warnings - sscanf - function or variable may be unsafe #17

pappde opened this issue Mar 2, 2021 · 5 comments
Labels
warning

Comments

@pappde
Copy link
Owner

pappde commented Mar 2, 2021

STEPS:

  1. load in VS
  2. compile
  3. observe warnings about sscanf

EXPECTED:
no warnings

NOTES:
The exact warning

...\src\bmai.cpp(3344): warning C4996: 'sscanf': This function or variable may be unsafe. Consider using sscanf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.

Example code:
''''
else if (sscanf(line, "ply %d %d", &param, &param2)==2)
''''

The code looks safe and sscanf() isn't really deprecated, so not a priority.
@pappde pappde added the warning label Mar 2, 2021
@danlangford
Copy link
Collaborator

It should also be noted that sscanf_s may be Microsoft specific and may break the current cross platform build

@pappde
Copy link
Owner Author

pappde commented Mar 5, 2021

Yes, it looks like it is. Need to look at this and determine if the use is safe, and the warning can be disabled, or if the warning is warranted, in which case case we can just define a wrapper for other platfforms.

Need to determine what is the proper #ifdef to indicate running under the microsoft compiler

@danlangford
Copy link
Collaborator

I did some research (don’t have links handy) that showed you cannot just ifdef sscanf_s for sscanf. Different parameters. But one resource suggested the “right” way is to avoid scanf and use iostreams? Or std::string? or std::stringstream ? 🤷‍♂️

@pappde
Copy link
Owner Author

pappde commented Mar 5, 2021

The signature is the same, so a #ifdef...#define should work. If the parameters were not the same, we could just define a wrapper method (i.e. implement "sscanf_s()" for other platforms). I did a quick test and simply replacing sscanf() with sscanf_s() works, however, it doesn't like this one line:

else if (sscanf_s(line, "debug %32s %d" ,&sparam,&param)==2)

src\bmai.cpp(3984): warning C4477: 'sscanf_s' : format string '%32s' requires an argument of type 'unsigned int', but variadic argument 2 has type 'INT *'

That warning looks wrong.

Also, still need to identify the proper "#ifdef" for this compile environment.

@danlangford
Copy link
Collaborator

I found some clues in this dated article https://www.gamedev.net/forums/topic/564260-sscanf_s-in-linux-ubuntu/ may not even be relevant anymore

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
warning
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@danlangford @pappde