CXX.FUNC.CSTRING.FORMAT
CString cannot call CString.Format() on itself.
The call will fail if the CString object itself is offered as a parameter.
Vulnerability and risk
This can then lead to unpredictable results.
Mitigation and prevention
Use an intermediate temporary CString to avoid the issue.
Example
Copy
CString str = "Some Data";
str.Format("%s%d", str, 123);CString str is also used in the parameter list.