_vsntprintf deprecated?

Hello cplusplus community. So I've finally decided to get down to business and learn from Petzold's Programming Windows 5th edition and on the second example I get the error in Visual Studio 2013:
error C4996: '_vsnprintf': This function or variable may be unsafe. Consider using _vsnprintf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.

The original code was:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#include <Windows.h>
#include <tchar.h>
#include <stdio.h>

int CDECL MessageBoxPrintf(TCHAR* szCaption, TCHAR* szFormat, ...)
{
	TCHAR	szBuffer[1024];
	va_list	pArgList;

		// The va_start macro (defined in STDARG.H) is usually equivalent to
		// pArgList = (char *) &szFormat + sizeof (szFormat)
	va_start(pArgList, szFormat);

		// The last argument to wvsprintf points to the arguments
	_vsntprintf(szBuffer, sizeof(szBuffer) / sizeof(TCHAR), szFormat, pArgList);

		// The va_end macro just zeroes out pArgList for no good reason
	va_end(pArgList);

	return MessageBox(NULL, szBuffer, szCaption, 0);
}

int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
				   PSTR szCmdLine, int iCmdShow)
{
	int cxScreen = GetSystemMetrics(SM_CXSCREEN);
	int cyScreen = GetSystemMetrics(SM_CYSCREEN);

	MessageBoxPrintf(TEXT("ScrnSize"), TEXT("The screen is %i pixels wide by %i pixels high."),
					 cxScreen, cyScreen);

	return 0;
}


So my question is it really deprecated? Can someone provide a link to the deprecation?
...and yes I googled vsnprintf deprecated and got nothing.
If it is deprecated how would I rework that specific section? that is what is the alternate function for that section.

Thank you for your time.
Well, I am unfamiliar with this function, but it seems to me the warning is giving you an alternate, have you tried _vsnprintf_s?
Yes, but the function is different, taking different arguments and providing a different function altogether, so therefore I'd like to keep to the original if possible. I think it's an alias to this http://www.cplusplus.com/reference/cstdio/vsnprintf/ or its unicode equivalent if UNICODE is defined.
Nevermind, in the example on this page http://msdn.microsoft.com/en-us/library/1kt27hek.aspx I finally found my confirmation. It is deprecated so I must the _s function.
Sorry to revive a topic that is beyond dead. I just wanted to add a bit of background for anyone who might find this post.
Since I'm coming from a C++ background and am learning Petzold I'm not so up to date with C I/O. Although this next fact is probably old news to most of you it probably isn't the case for all of us.
It seems that the function _vsntprintf is deprecated which in turn means _vsnprintf is also deprecated for the same reason that gets() is deprecated -- because they both don't provide sufficient protection against buffer overflow. My assumption is that this is the reason for gets_s() in C11 and the function _vsnprintf_s().

Don't know if that deduction will help anyone or if its completely accurate but I thought I'd pitch that in.
Topic archived. No new replies allowed.