How to disable buffer overflow checking in the Visual C++ Runtime?

Question

i, and a few thousand other people, are getting an error being thrown by the Microsoft Visual C++ Runtime:

Which for the benefit of search engines, says:

Microsoft Visual C++ Runtime Library

Buffer overrun detected!

Program: %s

A buffer overrun has been detected which has corrupted the program's
internal state. The program cannot safely continue execution and must
now be terminated.

Now i understand what a buffer overrun is, and why it is a bad thing. Given Microsoft's new emphasis on "it's just broken", the extra buffer checks in MSVCRT can be a nice thing.

On the other hand, i don't care. It's not that the program can't continue, it's that the program cannot safely continue. Well i'd rather be unsafe, because it's better than nothing. i enjoy living dangerously.

So can anyone suggest anything? i was thinking things like:

• a registry key to prevent MSVCRT from halting execution
• running the application in compability with a previous operating system (previous to Windows 7)
• adding an assembly manifest to the executable folder so that it uses an older version of the MSVCRT, one which doesn't perform this overflow checking
• a version number, or download location, of a copy of MSVCRT that doesn't have the overflow checking

i tried searching the support site of the company that wrote the Microsoft Visual C++ Runtime Library, but they have no mention of which functions could be overflowing, or how to disable overflow checking.

Answer 1

There is an option here. Set it to no.

Project Properties -> Configuration Properties -> C/C++ -> Code Generation -> Buffer Security Check.

This corresponds to the /GS (Buffer Security Check) compiler option:

Detects some buffer overruns that overwrite the return address, a common technique for exploiting code that does not enforce buffer size restrictions. This is achieved by injecting security checks into the compiled code.

Answer 2

Is this happening in you code or actually in the library? If it's in the library, I know you say you want to just ignore the error, but what you would you do if it was an access violation that crashed the process?

You should treat it the same way, because logically it's the same thing. It's just the CRT is crashing the process instead of the OS.

But, If you're using the debug build of the library you might get better (?) results using the release build (maybe it'll just crash without the dialog box notification).

If it's in your code you can disable the overflow check using the /GS- option. But you should really fix the bug.