Channels ▼


Win32 Security in Managed C++

Strings in Managed C++

Strings in Managed C++

Converting from a C-string to a managed string is nice and straightforward, as System::String contains appropriate constructors. However, going the other way is a bit of a pain (and it is not particularly well publicized in the documentation). You need to call the StringToHGlobalUni() or StringToHGlobalAnsi() methods of System::Runtime::InteropServices::Marshal type to allocate it, followed by ToPointer() on the IntPtr instance returned by them. When you're done with the string, don't forget to release it by calling Marshal's FreeHGlobal() method:

wchar_t *pwszUserName = (wchar_t*)(Marshal::StringToHGlobalUni(userName).ToPointer());

size_t si;

PSID psid = Sec_AllocSidFromUserNameW(pwszUserName, &si);


Another thing worth mentioning is that just because you're in Managed C++, there's no reason why you must eschew all of your useful C/C++ libraries. Specifically, it's surprising how C++ aficionados forget the incredible utility of sprintf() and start flailing around with ToString() and Concat(). Consider the following possible implementations of LUID::ToString() (an LUID — Locally Unique ID — is used to uniquely identify a privilege, like an ATOM does for strings):

String *LUID::ToString()


return String::Concat(HighPart.ToString(), "-", LowPart.ToString());


String *LUID::ToString()


wchar_t sz[31];

wsprintfW(sz, L"%d-%u", HighPart, LowPart);

return new String(sz);


The first one might have fewer lines, but which one do you think will be faster (and have fewer allocations)?

— M.W.

Related Reading

More Insights

Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.