Why Visual Studio 2005 is deprecating our favorite standard C functions

7. April 2005 06:34 by Pdermody in General  //  Tags:   //   Comments (0)

So it seems that with the release of Visual Studio 2005 Beta 1, Microsoft in all it's wisdom has seen fit to deprecate around one hundred standard C functions. The following is a short list some functions that have been deprecated:


Some string manipulation functions like sprintf, strcpy, and strcat.

Some string conversion functions like asctime, itoa, and fcvt.

Some input functions like scanf and cgets.

Some memory manipulation functions like memcpy and memmove.

The rand number generation function rand().

Other apparently harmless functions like printf and fopen.


All these functions have been replaced with functions that are followed by an “_s”. For example, uses of strcpy should be replaced by the function strcpy_s. Calls to rand() should be replaced by calls to rand_s(). The return types and parameter lists change also - so a simple find/replace will not work. You need to to this by hand. You can a full list of these functions here: http://msdn2.microsoft.com/library/wd3wzwts.aspx


The reason they have done this is, in a word, Security. Each of these functions and all the others that have been deprecated behave in a way that makes the production of secure code more difficult.


Many of the functions that involve copying strings in to char* variables have had a maximum allowable size argument added for example. One group of functions in particular to look out for here is the scanf() family of functions and their friends that take as parameters a destination char*, a format string, and a series of other parameters. They all have been changed in similar ways. As an example I will mention just scanf() which has been replaced by the more secure scanf_s(). The new function's signature seems to be the same as it always was:


int scanf_s

   const char *format,


The elipsis (...) indicates an unspecified list of parameters that correspond to items (type specifiers) in the format string. In the older scanf() function there was a single parameter for each item. In the new scanf_s() a second parameter is required for each one. The second item specifies the size of the buffer or variable into which the input data is copied. This is not clear from the signature and can be easily forgotten, giving usually odd results. You can read more about scanf_s() here: http://msdn2.microsoft.com/library/w40768et.aspx.


Other changes that have been made are the random number generator must be replaced with a function that creates more cryptographically secure random numbers and also many functions that used to supply information as a return value have been replaced by functions that return an error code while writing their result to an appropriate parameter pointer.


If you wish you can always turn off the security warnings by defining _CRT_SECURE_NO_DEPRACATE in your code. But this may not work forever...deprecated usually means that some day the functions will not exist anymore.


I saw one person call this modification of standard C functions “insane“. I initially though it was at the very least completely obnoxious. But it seems that there is wisdom in Microsoft's madness. So much so that the C standards committee agrees with them. Have a look at this draft Technical Report:




Though it's still only a working draft I suggest that we C programmers get used to it - a major chunk of the standard C library will soon be a fond memory. Just what will take it's place may change as far as ISO is concerned but Microsoft will soon have Visual Studio 2005 ready and after that the new functions will be written in stone - as difficult to change as, well, as the C standard runtime library.