Need a replacement for wsprintf()

[NoCforMe]

Help! I've been using wsprintf() to format strings. That is, until I read this about it on MSDN:

Security Considerations

Using this function incorrectly can compromise the security of your application. The string returned in lpOutput is not guaranteed to be NULL-terminated. Also, avoid the use of the %s format, which can lead to a buffer overrun. This can lead to a denial of service if it results in an access violation, or an attacker may inject executable code. Consider using one of the following alternatives: StringCbPrintf, StringCbPrintfEx, StringCbVPrintf, StringCbVPrintfEx, StringCchPrintf, StringCchPrintfEx, StringCchVPrintf, or StringCchVPrintfEx.

Hey, you don't have to warn me twice!

So I checked into StringCbVPrintf(), which looks nice, except that it doesn't seem to be supported by MASM32, and besides, MSDN says the "minimum supported client" is Windows XP with SP2 (I'm on W2K here), using Strsafe.h, also evidently missing from this package.

So what am I supposed to use here? I looked through the MASM32 lib folder, hoping to find a printf() replacement, but no luck. I really don't want to write my own function here.

Also, when using wsprintf(), it seems it doesn't expand tabs (\t), which I would have expected it to do. (Although MSDN says nothing about any formatting characters other than field identifiers, like %d, etc.)

[dedndave]

many of the crt functions have been replaced by "secure" versions
all these buffer overflows are supposed to be fixed
and, i am sure they are slower and bigger
not sure how to use them - no C for me   :bdg

i do use kbhit and getch for console mode stuff  :P

[NoCforMe]

What do you mean, "crt functions"? This is a generalized function for placing formatted text into a buffer. Similar to the standard C library functions, (x)printf.

How do you format text that you want to output?

[dedndave]

C RunTime libraries
not cathode ray tube   :P

typically called MSVCRT - maybe followed with version digits

how do i format strings ?
i usually write my own code
that printf stuff looks like some foriegn language - one that i didn't study   :P

[NoCforMe]

Well, despite my handle, I find the C conventions for formatting text to be quite useful, and easy to use:

• %(something) defines output fields of various types
  
• \(something) defines various control characters (newline, tab, etc.)
  

I wrote a 16-bit version of printf() that was really handy for debugging, but I really don't want to do that here.

Are there any routines in the MASM32 libraries that would help here?

[dedndave]

not that i am aware of
however, it shouldn't be too difficult to create an import library for the newer wsprintf
they preceed a lot of the function names with "s" meaning "secure", i guess

[dedndave]

here you go - try snprintf, snwprintf, vsnprintf, vsnwprintf, sprintf

there are a bunch of printf functions - have a look in msvcrt.inc
and - to get descriptions - google msdn

[dedndave]

here is a list of function names in the msvcrt.lib that is included with masm32 v10r

[hutch--]

There is a simple solution to buffer overruns, MEASURE the bufffer length yourself FIRST !!!!!!!!!!!  :bg

Code Select Expand


  mov blen, len(buffer)
  .if blen > 256
    print "Shock Horror, someone is trying out a buffer overrun exploit",13,10
    ret
  .else
    ; do whatcha wanna do !
  .endif


[jj2007]

There is a simple solution to buffer overruns, MEASURE the bufffer length yourself FIRST !!!!!!!!!!!  :bg

Right. Or use MasmBasic, it's safe :bg:

include \masm32\MasmBasic\MasmBasic.inc   ; download
   Init
   Print cStyle$("Your puter\nis a stupid\nbeast\na\tb\tc\n1\t2\t3\n")   ; MasmBasic
   print cStyle$("Your puter\nis a stupid\nbeast\na\tb\tc\n1\t2\t3\n")      ; normal Masm32 print
   Inkey Str$("\nIt has run %3f hours since the last boot, give it a break!!!!", Timer/3600000)
   Exit
end start

Code Select Expand

Your puter
is a stupid
beast
a       b       c
1       2       3

Jokes apart: Hutch is right, check yourself! These "safe" new M$ functions are there to help stupid coders and slow down the system, so that the end user is eventually forced to buy a new Win8 64-bit box. If MB is not for you, then use the good old crt functions and make sure the input is less or equal bufferlen. By the way: standard Masm32 print can be used with the cStyle macro, see above, that is included in MB courtesy of qWord but also available here

[MichaelW]

Also, when using wsprintf(), it seems it doesn't expand tabs (\t), which I would have expected it to do.

The expansion of Escape Sequences is a compiler function. You can use the MASM32 cfm$ macro to specify the format string and it will take care of expanding the escape sequences.

Code Select Expand


;==============================================================================
    include \masm32\include\masm32rt.inc
;==============================================================================
printf MACRO format:REQ, args:VARARG
    IFNB <args>
        invoke crt_printf, cfm$(format), args
    ELSE
        invoke crt_printf, cfm$(format)
    ENDIF
    EXITM <>
ENDM
;==============================================================================
    .data
    .code
;==============================================================================
start:
;==============================================================================
    printf("%d\t%d\t%Xh\n", 123, 456, 1024)
    inkey "Press any key to exit..."
    exit
;==============================================================================
end start


[ToutEnMasm]

More powerfull is swprintf_s sprintf_s

invoke sprintf_s,addr buffer,sizeof buffer,addr format,double

who can work with floating point number

[jj2007]

You can use the MASM32 cfm$ macro to specify the format string and it will take care of expanding the escape sequences.

Thanks, Michael, I had forgotten that one.

And cat$(cfm$("\nTest 4:"),str$(4)) will cause cat$ to write past the end of the data allocated by cfm$.

To keep in mind.

[hutch--]

When you use the "cat$" macro you are supposed to specify the buffer to join it all onto, as usual the buffer should be large enough. It can be reassigned back to the same buffer pointer but if you use a fixed length string as the first member then add more to it it will go BANG.

Code Select Expand


mov pbuffer, cat$(pbuffer,all your other strings .... )


[ToutEnMasm]

So I checked into StringCbVPrintf(), which looks nice, except that it doesn't seem to be supported by MASM32, and besides, MSDN says the "minimum supported client" is Windows XP with SP2 (I'm on W2K here), using Strsafe.h, also evidently missing from this package.

This is part of the strsafe.lib who have a few proc in his header's file (c++ allow it).Only old version of strsafe.lib have the full code in them (\WinDDK\6001.18001).
The sprintf_s function is enough secured.You pass the buffer adress and his size.
No need of macros to secure it more (useless).