Macros are frequently used in the remediation of existing code to globally replace one identifier with another, for example, when an existing API changes. While there is always some risk involved, this practice becomes particularly dangerous if a function name is replaced with the function name of a deprecated or obsolescent functions. Deprecated functions are defined by the C99 standard and Technical Corrigenda. Obsolescent functions are defined by this guideline.
Deprecated Functions
The gets() function was deprecated by Technical Corrigendum 3.
Obsolescent Functions
The following functions are obsolescent.
...
asctime()
...
atof()
...
atoi()
...
atol()
...
atoll()
...
bsearch()
...
ctime()
...
fopen()
...
fprintf()
...
freopen()
...
fscanf()
...
fwprintf()
...
fwscanf()
...
getenv()
...
gmtime()
...
localtime()
...
mbsrtowcs()
...
mbstowcs()
...
memcpy()
...
memmove()
...
printf()
...
qsort()
...
remove()
...
rename()
...
rewind()
...
setbuf()
...
snprintf()
...
sprintf()
...
sscanf()
...
strcat()
...
strcpy()
...
strerror()
...
strncat()
...
strncpy()
...
strtok()
...
swprintf()
...
swscanf()
...
tmpfile()
...
tmpfile_s()
...
tmpnam()
...
tmpnam_s()
...
vfprintf()
...
vfscanf()
...
vfwprintf()
...
vfwscanf()
...
vprintf()
...
vscanf()
...
vsnprintf()
...
vsprintf()
...
vsscanf()
...
vswprintf()
...
vswscanf()
...
vwprintf()
...
vwscanf()
...
wcrtomb()
...
wcscat()
...
wcscpy()
...
wcsncat()
...
wcsncpy()
...
wcsrtombs()
...
wcstok()
...
wcstombs()
...
wctomb()
MSC34-C. Do not use deprecated or obsolescent functions.
While compliance with MSC34-C. Do not use deprecated or obsolescent functions guarantees compliance with this guideline, this recommendation emphasizes the extremely risky and deceptive practice or replacing functions with less secure alternatives.
...
wmemcpy()
...
wmemmove()
...
wprintf()
...
wscanf ()
...
...
...
Noncompliant Code Example
...