I am constatly being asked same question on and on.

"I have an old code that uses a CRT function and when I build it with VS2005, I get a deprecation warning. What should I do".

Let's say you have a code like this

void foo(char* szA, char* szB) {

   strcpy(szA, szB);

   sprintf(szA,"%s",szB);

}

If you compile this code with VS2005 Beta 1 or CTP, you see a warnings for strcpy and sprintf, which let you know that these functions have been deprecated. A fair questions why they have been deprecated. A short answer, because these are inherently insecure functions that can "help" you to create a code that makes your application vulnerable to buffer overrun type of attacks.

There are two ways to fix this problem. The first one, is to change your code to use the new secure invariants of these functions, which are strcpy_s and sprintf_s. However it may sometime to do these for deprecated CRT functions that you use. So the second way is to use #define _CRT_SECURE_NO_DEPRACATE. This define will make all warnings go away. So if you just what to make your app to build clean with the new VS, this option may works for you. However, I would not recommend you to stay with option for a long time. Go ahead and read about new Security Enhancements in the CRT. I will also try to post more information about this cool feature implemented in VS2005 on my blog. I know that there is a draft of a whitepaper on this topic has been prepared that goes in detail of desing and implementaion of this feature. As soon as I know about this paper, I will publish a link to it.