Visual C++: Protecting Against Buffer Overruns With the /GS Switch

Tracepoints

Tracepoints are a new feature in Visual C++ 2005 that allows trace information to be generated when a certain line of code executes. Tracepoints operate much the same as a breakpoint, in that they are added to a particular statement, and "hit" when the statement is executed. In contrast to a breakpoint, that will halt execution when hit, a Tracepoint can generate a Trace statement, which will be visible in the Visual Studio output window, or the Tracepoint can run a Visual Studio macro.

The differences between breakpoints and Tracepoints are not distinct. A breakpoint can be configured to include tracing information or the execution of a macro, and a Tracepoint can be configured so that it does not output any debug information and does not run a macro, which in effect makes it a disabled breakpoint. If execution will not be halted at a particular statement, the normal red circle that appears in the left margin of the text editor will change to a diamond, as shown in Figure 1.

Figure 1: Visual Studio Tracepoint

It is worth pointing out that the Tracepoint in Figure 1 is on a native console application, and that configuring Tracepoints in managed and native code is identical. Figure 2 shows the configuration dialog box that is activated by the When Hit item of the Breakpoints Windows context menu. For the options selected in Figure 2, a trace statement is generated, a macro will print all open documents, and execution will be halted.

Figure 2: Tracepoint Configuration

The trace actions of a breakpoint or Tracepoint can also be examined by adding the When Hit column to the Breakpoints window, as shown in Figure 3.

Figure 3: Breakpoints Windows with When Hit actions displayed

New Project Types

Visual C++ 2005 offers out-of-the-box support for creating ATL, MFC, and Win32 Smart Device applications, so developers targeting Windows CE no longer have to contend with switching among multiple IDEs when going from the desktop and server world over to the embedded world. Visual Studio 2005 has a wealth of features that the VC++ 6 inspired Embedded Visual C++ lacked, and embedded developers should embrace the change.

For data-centric development, the new managed SQL Server project will be extremely useful. This project type makes it easy to create, deploy, and debug stored procedures written in C++/CLI. A stored procedure written in managed code is a public static method with the Microsoft::SqlServer::Server::SqlProcedure attribute applied. The method can return either void or an integer status code, and as with TSQL stored procedures, parameters are supported.

Assemblies containing a stored procedure need to be registered with the SQL Server 2005 server before they can be run; this can be accomplished by using the Deploy command from the Build menu. A managed code stored procedure uses ADO.NET syntax to manipulate data. The following bit of code simply deletes all the rows from a table. Note the absence of C#-style using statements or explicit clean-up of the connection and command objects that C++/CLI handles through deterministic cleanup.

void SQL::MyStoredProc()
{
   SqlConnection^ conn =
      gcnew SqlConnection("context connection=true");
   SqlCommand^ deleteCommand = gcnew SqlCommand
      ("delete from myTable", conn);
   deleteCommand->ExecuteNonQuery();
}

In addition to stored procedure templates, Visual C++ has trigger, aggregate function, user-defined type, and user-defined function templates available with SQL Server projects.

Server Explorer

The Server Explorer in Visual Studio 2005 has had a number of incremental updates to the version that shipped with Visual Studio 2003. For those who haven't used the Server Explorer, it serves a similar role to Microsoft Management Console applets in that it allows local and remote server components such as SQL Server and Biztalk to be managed and accessed.

One of the more important additions to the Server Explorer is the out-of-the-box inclusion of WMI Classes and Events. WMI is one of the real hidden gems in Windows, and allows an application to query or respond to a huge range of data relating to the hardware and configuration of a computer. WMI can answer questions and perform tasks as diverse as determining the chemistry and charge remaining of the batteries of a laptop, the ability to join a computer to a domain or workgroup, and the various options that were chosen during the installation of an MSI package.

WMI is exposed through COM to native applications and through the System.Management namespace to managed C++ code. Although the programming model is relatively simple, finding the correct WMI class or event can be a difficult task. Many fields on WMI objects are blank or contain data that is not overly useful, so coding against WMI can be a frustrating task because various similar objects are queried in an attempt to find accurate, populated data. The Server Explorer makes finding the correct WMI object much easier by offering a graphical tree-view interface that allows the various objects to be drilled into, with the member variables of a class viewable in the Properties Window. It is also possible to execute a method on a WMI object by right-clicking it in the Server Explorer and selecting a method; this allows tasks like a disk to be formatted or a computer to be re-booted.

The ability to view WMI classes and events, which are called Management Classes and Events in the Server Explorer view (see Figure 4), was offered via a Server Explorer extension in Visual Studio.NET 2003 (which can be downloaded from here), and now is thankfully available with a standard Visual Studio install. What makes the WMI functionality in the Server Explorer even more useful in Visual C++ 2005 is the ability to drag and drop a WMI object directly onto a design surface in a C++/ CLI project. The drag and drop support comes compliments of the improved CodeDOM implementation that C++/CLI offers over Managed C++, as covered in a previous article. Dragging a WMI object onto a design surface will generate a header file with the necessary helper methods to easily connect to the WMI object using strongly typed classes auto-generated from the WMI schema.

Figure 4: Visual Studio 2005 Server Explorer with Management Events expanded

Project Creation

One of the new options in Visual Studio 2005 is the ability to create a project from an existing group of files and folders. Although this new functionality is not a huge breakthrough, and this task can be accomplished in previous versions of Visual Studio by creating a new project of the correct type and importing all the required files, it does save a considerable amount of tedious work for large applications. Creating a new project based on existing source code files is initiated by the File | New | Project from Existing Source... menu item, and following the wizard. One of the key benefits of the new project creation wizard is the ability to import all the files from a folder and its sub-folders based on a wild-card search path, which is especially important for large C++ applications that tend to use folders to separate areas of functionality in a source code tree.

The project creation wizard supports the use of Visual Studio as a build system, or custom build, rebuild, and clean command line tools can be nominated. The wizard also allows the user to select the appropriate project type, and some of the main build settings can also be created.

Answers to Questions

Q. Does the editor now support separate coloring of virtual space (in other words, "space" beyond the end of line)?

A. There doesn't appear to be any setting that can control the coloring of virtual space. There are dozens of items in the Display Items listbox in the Options dialog on the Environment | Fonts and Colors page, but none relate to this item.

Q. Can it support highlighting for text file with customized file extension and with customized syntax definition file?

A. Custom file extensions can be mapped to a particular language using the Options dialog box in Visual Studio. On the Text Editor| File Extensions page, enter the custom file extension, and associate it with Visual C++.B There is also the option of mapping all extension-less files to a particular language, as shown in Figure 5.

Figure 5: Visual Studio 2005 Server Explorer with Management Events expanded

Adding support for a custom syntax definition requires the use of the Visual Studio SDK (formerly VSIP SDK). Check out the Visual Studio Extensibility Center at http://msdn.microsoft.com/vstudio/extend/ for more details.



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Live Event Date: October 29, 2014 @ 11:00 a.m. ET / 8:00 a.m. PT Are you interested in building a cognitive application using the power of IBM Watson? Need a platform that provides speed and ease for rapidly deploying this application? Join Chris Madison, Watson Solution Architect, as he walks through the process of building a Watson powered application on IBM Bluemix. Chris will talk about the new Watson Services just released on IBM bluemix, but more importantly he will do a step by step cognitive …

  • Live Event Date: October 23, 2014 @ 12:00 p.m. ET / 9:00 a.m. PT Despite the current "virtualize everything" mentality, there are advantages to utilizing physical hardware for certain tasks. This is especially true for backups. In many cases, it is clearly in an organization's best interest to make use of physical, purpose-built backup appliances rather than relying on virtual backup software (VBA - Virtual Backup Appliances). Join us for this eSeminar to learn why physical appliances are preferable to …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds