Microsoft KB Archive/274501

= BUG: CRT: wcsxfrm(NULL, string, 0) Fails Outside &quot;C&quot; Locale =

Article ID: 274501

Article Last Modified on 12/11/2003

-

APPLIES TO


 * Microsoft Visual C++ 5.0 Enterprise Edition
 * Microsoft Visual C++ 6.0 Enterprise Edition
 * Microsoft Visual C++ 5.0 Professional Edition
 * Microsoft Visual C++ 6.0 Professional Edition
 * Microsoft Visual C++ 6.0 Standard Edition

-



This article was previously published under Q274501



SYMPTOMS
The C/C++ run-time library (CRT) function strxfrm and its wide-character version wcsxfrm transform a string that is based on locale-specific information. The expression &quot;1 + strxfrm(NULL, string, 0)&quot; can be used to calculate the required size of the destination buffer that is large enough to hold the strxfrm/wcsxfrm transformation of the source string, including the terminating 0 character.

The expression &quot;wcsxfrm(NULL, string, 0)&quot; works for the default &quot;C&quot; locale but results in an Access Violation (AV) crash (the program stops responding) for other locales. The strxfrm function works correctly.

Please refer to the sample code in the &quot;More Information&quot; Section for details.



CAUSE
When the &quot;C&quot; locale is used, the source string is copied into the destination buffer and the length of the source string is returned by using the wcsncpy/wcslen and strncpy/strlen functions.

Outside of the &quot;C&quot; locale, the national language support (NLS) API functions are used to map one character string to another, performing a specified locale-dependent transformation. The wcsxfrm function uses an internal buffer; after the transformation is done, each character is copied into the destination buffer. However, the destination buffer is not checked for NULL pointer.



RESOLUTION
To work around the problem, pass a small buffer to the wcsxfrm function. Replace the failing line of code in the following sample with the following: wchar_t tmp; printf(&quot;wcsxfrm returned: %d\n&quot;, wcsxfrm(&tmp, ws, 1));



STATUS
Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.



Steps to Reproduce Behavior
The following sample code demonstrates the bug:
 * 1) include 
 * 2) include 
 * 3) include 

void main {                                                              wchar_t *ws = L&quot;Hello&quot;; char *cp; printf(&quot;wcsxfrm returned: %d\n&quot;, wcsxfrm(NULL, ws, 0));

cp = setlocale(LC_ALL, &quot;English_United States.1252&quot;); printf(&quot;setlocale returned: %s\n&quot;, cp);

// The next call results in an access violation. printf(&quot;wcsxfrm returned: %d\n&quot;, wcsxfrm(NULL, ws, 0)); }

Keywords: kbbug kbcrt kbpending KB274501

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.