# Wednesday, 16 June 2010
I've written about banned APIs before - for security reasons some C Runtime functions like strcpy should not be used, and instead you should use replacements like strcpy_s that perform some checking before trusting the strings they're handed. You might also know that I really like the extension capabilities in Visual Studio 2010.

So how can I resist a Visual Studio extension that gives you wigglies if you use a banned API?


You even get a handy tooltip suggesting replacements. This is a must-install for any C++ developer. You can get zip of the source (you'll need the Visual Studio 2010 SDK to build it) with a prebuilt VSIX in it from the Security Development Lifecycle blog. It doesn't seem to be on the Visual Studio Gallery yet, but it should be! If you haven't met the VSIX format yet, prepare to be pleasantly surprised - it's a self contained one step installation vehicle for a Visual Studio extension. Just double click it and Visual Studio does the rest.

Kate
Wednesday, 16 June 2010 12:03:40 (Eastern Daylight Time, UTC-04:00)  #