Merging changes synced from https://github.com/MicrosoftDocs/cpp-docs-pr (branch live)

Author: Learn Build Service GitHub App

docs/c-runtime-library/reference/crtsetdebugfillthreshold.md

@@ -1,14 +1,13 @@
 ---
 title: "_CrtSetDebugFillThreshold"
 description: "Use the _CrtSetDebugFillThreshold function to set the maximum amount of buffer to fill in secure CRT functions."
-ms.date: "10/31/2019"
+ms.date: 04/10/2025
 api_name: ["_CrtSetDebugFillThreshold"]
 api_location: ["msvcrt.dll", "msvcr80.dll", "msvcr90.dll", "msvcr100.dll", "msvcr100_clr0400.dll", "msvcr110.dll", "msvcr110_clr0400.dll", "msvcr120.dll", "msvcr120_clr0400.dll", "ucrtbase.dll"]
 api_type: ["DLLExport"]
 topic_type: ["apiref"]
 f1_keywords: ["_CrtSetDebugFillThreshold", "CrtSetDebugFillThreshold"]
 helpviewer_keywords: ["debug, buffer-filling behavior", "CrtSetDebugFillThreshold function", "_CrtSetDebugFillThreshold function", "buffer-filling behavior", "0xFE"]
-ms.assetid: 6cb360e8-56ae-4248-b17f-e28aee3e0ed7
 ---
 # `_CrtSetDebugFillThreshold`
 
@@ -38,58 +37,36 @@ The default threshold is `SIZE_T_MAX`.
 Here's a list of the affected functions:
 
 - [`asctime_s`, `_wasctime_s`](asctime-s-wasctime-s.md)
-
 - [`_cgets_s`, `_cgetws_s`](cgets-s-cgetws-s.md)
-
 - [`ctime_s`, `_ctime32_s`, `_ctime64_s`, `_wctime_s`, `_wctime32_s`, `_wctime64_s`](ctime-s-ctime32-s-ctime64-s-wctime-s-wctime32-s-wctime64-s.md)
-
 - [`_ecvt_s`](ecvt-s.md)
-
 - [`_fcvt_s`](fcvt-s.md)
-
 - [`_gcvt_s`](gcvt-s.md)
-
 - [`_itoa_s`, `_ltoa_s`, `_ultoa_s`, `_i64toa_s`, `_ui64toa_s`, `_itow_s`, `_ltow_s`, `_ultow_s`, `_i64tow_s`, `_ui64tow_s`](itoa-s-itow-s.md)
-
 - [`_makepath_s`, `_wmakepath_s`](makepath-s-wmakepath-s.md)
-
 - [`_mbsnbcat_s`, `_mbsnbcat_s_l`](mbsnbcat-s-mbsnbcat-s-l.md)
-
 - [`_mbsnbcpy_s`, `_mbsnbcpy_s_l`](mbsnbcpy-s-mbsnbcpy-s-l.md)
-
 - [`_mbsnbset_s`, `_mbsnbset_s_l`](mbsnbset-s-mbsnbset-s-l.md)
-
 - [`_mktemp_s`, `_wmktemp_s`](makepath-s-wmakepath-s.md)
-
 - [`_splitpath_s`, `_wsplitpath_s`](splitpath-s-wsplitpath-s.md)
-
 - [`strcat_s`, `wcscat_s`, `_mbscat_s`](strcat-s-wcscat-s-mbscat-s.md)
-
 - [`strcpy_s`, `wcscpy_s`, `_mbscpy_s`](strcpy-s-wcscpy-s-mbscpy-s.md)
-
 - [`_strdate_s`, `_wstrdate_s`](strdate-s-wstrdate-s.md)
-
 - [`strerror_s`, `_strerror_s`, `_wcserror_s`, `__wcserror_s`](strerror-s-strerror-s-wcserror-s-wcserror-s.md)
-
 - [`_strlwr_s`, `_strlwr_s_l`, `_mbslwr_s`, `_mbslwr_s_l`, `_wcslwr_s`, `_wcslwr_s_l`](strlwr-s-strlwr-s-l-mbslwr-s-mbslwr-s-l-wcslwr-s-wcslwr-s-l.md)
-
 - [`strncat_s`, `_strncat_s_l`, `wcsncat_s`, `_wcsncat_s_l`, `_mbsncat_s`, `_mbsncat_s_l`](strncat-s-strncat-s-l-wcsncat-s-wcsncat-s-l-mbsncat-s-mbsncat-s-l.md)
-
 - [`strncpy_s`, `_strncpy_s_l`, `wcsncpy_s`, `_wcsncpy_s_l`, `_mbsncpy_s`, `_mbsncpy_s_l`](strncpy-s-strncpy-s-l-wcsncpy-s-wcsncpy-s-l-mbsncpy-s-mbsncpy-s-l.md)
-
 - [`_strnset_s`, `_strnset_s_l`, `_wcsnset_s`, `_wcsnset_s_l`, `_mbsnset_s`, `_mbsnset_s_l`](strnset-s-strnset-s-l-wcsnset-s-wcsnset-s-l-mbsnset-s-mbsnset-s-l.md)
-
 - [`_strset_s`, `_strset_s_l`, `_wcsset_s`, `_wcsset_s_l`, `_mbsset_s`, `_mbsset_s_l`](strset-s-strset-s-l-wcsset-s-wcsset-s-l-mbsset-s-mbsset-s-l.md)
-
 - [`_strtime_s`, `_wstrtime_s`](strtime-s-wstrtime-s.md)
-
 - [`_strupr_s`, `_strupr_s_l`, `_mbsupr_s`, `_mbsupr_s_l`, `_wcsupr_s`, `_wcsupr_s_l`](strupr-s-strupr-s-l-mbsupr-s-mbsupr-s-l-wcsupr-s-wcsupr-s-l.md)
-
+- [`vsnprintf_s`, `_vsnprintf_s`, `_vsnprintf_s_l`, `_vsnwprintf_s`, _vsnwpr`intf_s_l](vsnprintf-s-vsnprintf-s-vsnprintf-s-l-vsnwprintf-s-vsnwprintf-s-l.md)
+ 
 ## Requirements
 
 | Routine | Required header |
 |---|---|
-| **`_CrtSetDebugFillThreshold`** | \<crtdbg.h> |
+| **`_CrtSetDebugFillThreshold`** | `<crtdbg.h>` |
 
 This function is Microsoft-specific. For more compatibility information, see [Compatibility](../compatibility.md).
 

docs/c-runtime-library/security-features-in-the-crt.md

@@ -5,7 +5,6 @@ ms.date: "09/29/2020"
 ms.topic: "conceptual"
 f1_keywords: ["_CRT_SECURE_NO_DEPRECATE", "_CRT_NONSTDC_NO_DEPRECATE", "_CRT_NONSTDC_NO_WARNINGS", "_CRT_SECURE_NO_WARNINGS"]
 helpviewer_keywords: ["security deprecation warnings [C++]", "CRT_NONSTDC_NO_DEPRECATE", "buffers [C++], buffer overruns", "deprecation warnings (security-related), disabling", "_CRT_NONSTDC_NO_WARNINGS", "security [CRT]", "_CRT_SECURE_NO_WARNINGS", "_CRT_NONSTDC_NO_DEPRECATE", "_CRT_SECURE_NO_DEPRECATE", "security-enhanced CRT", "CRT_SECURE_NO_WARNINGS", "CRT_SECURE_NO_DEPRECATE", "deprecation warnings (security-related)", "buffer overruns", "CRT_NONSTDC_NO_WARNINGS", "CRT, security enhancements", "parameters [C++], validation"]
-ms.assetid: d9568b08-9514-49cd-b3dc-2454ded195a3
 ---
 # Security Features in the CRT
 
@@ -19,7 +18,7 @@ For example, the `strcpy` function can't tell if the string it copies is too lar
 
 ## Eliminating deprecation warnings
 
-There are several ways to eliminate deprecation warnings for the older, less secure functions. The simplest is simply to define `_CRT_SECURE_NO_WARNINGS` or use the [`warning`](../preprocessor/warning.md) pragma. Either will disable deprecation warnings, but the security issues that caused the warnings still exist. It's better to leave deprecation warnings enabled and take advantage of the new CRT security features.
+There are several ways to eliminate deprecation warnings for the older, less secure functions. The simplest is simply to define `_CRT_SECURE_NO_WARNINGS` or use the [`warning`](../preprocessor/warning.md) pragma. Either disables deprecation warnings, but the security issues that caused the warnings still exist. It's better to leave deprecation warnings enabled and take advantage of the new CRT security features.
 
 In C++, the easiest way to eliminate the deprecation warnings is to use [Secure template overloads](./secure-template-overloads.md). The overloads eliminate deprecation warnings in many cases. They replace calls to deprecated functions with calls to secure versions of the functions. For example, consider this deprecated call to `strcpy`:
 
@@ -54,13 +53,15 @@ Some of the security features include:
 
   You must pass the buffer size to any secure function that writes to a buffer. The secure versions validate that the buffer is large enough before writing to it. The validation helps avoid dangerous buffer overrun errors that could allow malicious code to execute. These functions usually return an `errno` error code and invoke the invalid parameter handler if the size of the buffer is too small. Functions that read from input buffers, such as `gets`, have secure versions that require you to specify a maximum size.
 
+  The debug versions of *some* security-enhanced CRT functions fill the buffer passed to them with a special character (0xFE). This fill character helps to find cases where the incorrect size was passed to the function. Unfortunately, it also reduces performance. To improve performance, use **`_CrtSetDebugFillThreshold`** to disable buffer-filling. For more information, and a list of functions that have this behavior, see [`_CrtSetDebugFillThreshold`](./reference/crtsetdebugfillthreshold.md).
+
 - **Null termination**
 
-  Some functions that left potentially non-terminated strings have secure versions, which ensure that strings are properly null-terminated.
+  Some functions that left potentially nonterminated strings have secure versions, which ensure that strings are properly null-terminated.
 
 - **Enhanced error reporting**
 
-  The secure functions return error codes with more error information than was available with the pre-existing functions. The secure functions and many of the pre-existing functions now set `errno` and often return an `errno` code type as well, to provide better error reporting.
+  The secure functions return error codes with more error information than was available with the preexisting functions. The secure functions and many of the preexisting functions now set `errno` and often return an `errno` code type as well, to provide better error reporting.
 
 - **Filesystem security**