Article directory
Many students will encounter the problem that the scanf function is not safe and report errors when they use visual studio for the first time, and do not know how to solve it. Although there are many articles on CSDN on how to solve this problem, most of them require every method. Repeated operations several times, and there is no systematic explanation for this problem . I was troubled by this problem for a long time when I used visual studio in the early stage. ``
So, today I specially wrote this blog to systematically explain the insecurity of scanf and other functions in the VS compiler, including the reasons for choosing the VS compiler, the reasons why the scanf function is insecure, and a series of solutions to insecurity problems method and the focus of this article: how to permanently solve the insecurity problem once and for all.
Students with limited time can directly click on the directory to read "Once and Forever - One-time Permanent Solution to Scanf Insecurity Problems", but I still hope that everyone can read this article as much as possible, which will help you report VS compiler and function insecurity errors Form a deep and systematic understanding.
1. Why choose VS2013/2019/2022 compiler
There are many popular C language compilers on the market, but I recommend that you use the visual studio compiler for the following reasons:
1. Disadvantages of other compilers:
(1) CodeBlocks and VSCode: They are not mainstream and need to configure the environment. Many beginners give up when configuring the environment, which is not friendly to newcomers.
(2) Dev C++: This software has stopped updating more than 10 years ago. The code printed by this compiler is not beautiful, which is not conducive to us forming a good code style.
(3) VC6.0: This compiler is a compiler from 1998, which is too old and has poor compatibility.
2. The advantages of visual studio:
(1) VS2019 is an integrated development environment, which is friendly to novices. It can be used directly without configuring the environment.
(2) VS2019 is the mainstream integrated development environment, and the usage rate in enterprises is relatively high.
(3) The disadvantage of VS2019 is that it is large and takes up a lot of space, but this is not a big problem.
3. So comprehensively considered, the VS compiler is a better choice for us to learn C language and other languages.
Second, the reason for the insecurity of the scanf function in the VS compiler
Regarding why the VS compiler shows that the scanf function is unsafe, here I will give you an example to illustrate.
You can observe that I have defined an array arr[5] of character type here. At this time, the system will assign a five-byte address to the array in the stack area.
When we enter "Hello, word!" into it, a string that is obviously larger than five bytes, because the scanf function does not check whether the value input in the array will be accessed out of bounds , so when we compile it in Dev C++/CodeBlocks When the software runs the above code, the program will end normally. This will lead to out-of-bounds access to the array, and sometimes the consequences of out-of-bounds access to the array are very serious, it may cause our system to crash!
But when we run the above code on VS, the editor will have a Debug Error prompt , which can prompt the programmer or user well, so as to avoid inputting illegal strings and ensure program security.
3. Several methods to solve the insecurity of scanf and their disadvantages
There are several common methods on the Internet to solve the insecurity of the scanf function:
1. Use the scanf_s function instead of the scanf function. The scanf_s function is a function provided by the VS compiler, which can effectively solve the problem of insecurity of the scanf function, but it has several disadvantages .
(1) Some specific usage details of the scanf_s function are different from those of the scanf function, and we need to learn how to use scanf_s separately.
(2) scanf_s is not universal. Since scanf_s is provided by the VS compiler, it is not universal on other platforms, which makes the code written with scanf_s unusable.
(3) In addition to the scanf function, functions such as gets, strcpy, strcat, etc. will also produce the same problem in the VS compiler.
(2) Add #define _CRT_SECURE_NO_WARNINGS 1 in front of the program
#define _CRT_SECURE_NO_WARNINGS 1
Disadvantage: Every time you create a new source .c file, you need to add this preprocessing name to the header, which is very cumbersome.
(3) Cancel the SDL check . Steps: Project -> Properties -> C/C++ -> SDL Check -> No/SDL-
This is a picture demo
Disadvantage: Every time you create a new source .c file, you need to set up an SDL check, which is very cumbersome.
(4) Add a preprocessing definition . Steps: Project -> Properties -> C/C++ -> Preprocessor -> Preprocessor Definition -> Edit -> Add "_CRT_SECURE_NO_WARNINGS 1".
Disadvantage: Each new source .c file needs to add a preprocessing name, which is very cumbersome.
(5) Once and for all – solve the scanf insecurity problem once and for all . Features: The first operation takes a little time, but it can be done once and for all.
Fourth, once and for all – one-time permanent solution to scanf insecurity
1. Find the "newc++file.cpp" file on the computer.
There will be a file called "newc++file.cpp" in the installation path of VS. We find this file. There are three ways to find this file (the third method is recommended):
(1) Find it step by step in the installation path, such as my installation path:
Disadvantage: The path of the file is too thin, and many people cannot find this file.
(2) Find the approximate location of the file, such as the installation path of visual studio, and then search for "newc++file.cpp" in the path.
Note: When searching for a file, try to subdivide the path as much as possible. For example, when I only search for the "newc++file.cpp" file in the large directory of the C drive, there is no result for a long time.
(3) **(recommended)** If some students still find it too difficult to find the path, then I recommend a software, " everything ", this software can help you quickly find any file in your computer, in many cases are very useful.
2. Copy and paste this file to the desktop, then open it, add "#define _CRT_SECURE_NO_WARNINGS 1" in it, then save and exit.
3. Save the modified file on the desktop, paste it under the "newc++file.cpp" file path, and then click "Replace the file in the target", and you're done.
Note : The reason for copying and pasting the "newc++file.cpp" file to the desktop, modifying the contents and then replacing the original file is: if we directly modify the contents of the "newc++file.cpp" file, the system will We ask for admin rights , which the above method doesn't.
4. After completing the above series of operations, now we only need to open or create any source .c/cpp file, its header will be automatically added with "#define _CRT_SECURE_NO_WARNINGS 1", without the need for us to manually every time Add or modify the settings, once and for all!
If you think this article is helpful to you, please give it a thumbs up, thank you.