Ad Space — Top Banner

C4996

Visual C++ Programming Language

Severity: Minor

Source: OnlyErrorCodes.com — Every error code. One place.

MSVC C4996: Deprecated Function Warning — Fix

What Does This Error Mean?

C4996 is a warning that you called a function marked as deprecated or unsafe by Microsoft. The message names the function and usually suggests a safer replacement — for example, use strcpy_s instead of strcpy, or sprintf_s instead of sprintf. Adding _CRT_SECURE_NO_WARNINGS to preprocessor definitions suppresses the warning project-wide without changing code.

Affected Models

  • Visual Studio 2015–2022
  • MSVC v14.x / v17.x
  • Windows SDK CRT functions

Common Causes

  • Calling legacy CRT string functions: strcpy, strcat, sprintf, gets, scanf
  • Using std::auto_ptr, which was deprecated in C++11 and removed in C++17
  • Calling a function your team or a library author marked [[deprecated]]
  • Using _stricmp, _strdup, or other underscore-prefixed POSIX-style CRT functions

How to Fix It

  1. Replace the deprecated function with its safe _s replacement. For strcpy use strcpy_s, for sprintf use sprintf_s, for gets use gets_s.

    The _s functions take an extra buffer-size parameter that prevents buffer overruns. Visual Studio IntelliSense shows the safe replacement in the error tooltip.

  2. If you need to keep the old function for compatibility, add _CRT_SECURE_NO_WARNINGS to Project Properties > C/C++ > Preprocessor > Preprocessor Definitions.

    This suppresses all C4996 warnings from Microsoft-deprecated CRT functions. It does not affect warnings from user-defined [[deprecated]] attributes.

  3. To suppress C4996 for a single call without changing project settings, add #pragma warning(suppress: 4996) on the line immediately before the call.

    The suppress pragma applies only to the next source line. Use this when you cannot change project settings or are inside a header you do not control.

  4. For std::auto_ptr deprecation, replace it with std::unique_ptr. The ownership semantics are similar but unique_ptr is safe and fully supported in modern C++.

    std::auto_ptr was deprecated in C++11 and removed in C++17. std::unique_ptr is a drop-in replacement for most uses.

Frequently Asked Questions

Is C4996 a compiler error or just a warning?

By default C4996 is a warning. However, many projects compile with /WX (treat warnings as errors), which promotes C4996 to a build-stopping error. Check Project Properties > C/C++ > General > Treat Warnings As Errors.

Does C4996 mean my code is broken?

Not necessarily — the deprecated function still works in most cases. Microsoft deprecated these functions because they can allow buffer overruns if misused. For new code, always use the safe _s replacements; for legacy code, the suppression pragma is acceptable short-term.

Related Error Codes

C2065 MSVC C2065: Undeclared Identifier — What It Means