VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-14 17:18:01 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:21:13 +0100
commit016edc150b034d7401a1652bd3482d613ff4b9d4 (patch)
treecf79aeef0f7e593eb776ee6e9ca393e39a292a09
parent5c1db9d0e1287c873d180021cf82e89677fe4aa0 (diff)
downloadVeraCrypt-016edc150b034d7401a1652bd3482d613ff4b9d4.tar.gz
VeraCrypt-016edc150b034d7401a1652bd3482d613ff4b9d4.zip
Static Code Analysis : Use Safe String functions in Setup code to avoid potential security issues.
-rw-r--r--src/Setup/SelfExtract.c28
-rw-r--r--src/Setup/Setup.c158
-rw-r--r--src/Setup/Wizard.c27
3 files changed, 108 insertions, 105 deletions
diff --git a/src/Setup/SelfExtract.c b/src/Setup/SelfExtract.c
index a14a0db4..55f14114 100644
--- a/src/Setup/SelfExtract.c
+++ b/src/Setup/SelfExtract.c
@@ -18,6 +18,7 @@
#include "Dir.h"
#include "Language.h"
#include "Resource.h"
+#include <Strsafe.h>
#define OutputPackageFile "VeraCrypt Setup " VERSION_STRING ".exe"
@@ -240,12 +241,12 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
goto err;
if (szDestDir[x - 1] != '\\')
- strcat (szDestDir, "\\");
+ StringCbCatA (szDestDir, MAX_PATH, "\\");
GetModuleFileName (NULL, inputFile, sizeof (inputFile));
- strcpy (outputFile, szDestDir);
- strncat (outputFile, OutputPackageFile, sizeof (outputFile) - strlen (outputFile) - 1);
+ StringCbCopyA (outputFile, sizeof(outputFile), szDestDir);
+ StringCbCatA (outputFile, sizeof(outputFile), OutputPackageFile);
// Clone 'VeraCrypt Setup.exe' to create the base of the new self-extracting archive
@@ -262,13 +263,13 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++)
{
- _snprintf (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
+ StringCbPrintfA (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
if (!FileExists (szTmpFilePath))
{
char tmpstr [1000];
- _snprintf (tmpstr, sizeof(tmpstr), "File not found:\n\n'%s'", szTmpFilePath);
+ StringCbPrintfA (tmpstr, sizeof(tmpstr), "File not found:\n\n'%s'", szTmpFilePath);
remove (outputFile);
PkgError (tmpstr);
goto err;
@@ -308,7 +309,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
DWORD tmpFileSize;
unsigned char *tmpBuffer;
- _snprintf (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
+ StringCbPrintfA (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
tmpBuffer = LoadFile (szTmpFilePath, &tmpFileSize);
@@ -317,7 +318,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
char tmpstr [1000];
free (tmpBuffer);
- _snprintf (tmpstr, sizeof(tmpstr), "Cannot load file \n'%s'", szTmpFilePath);
+ StringCbPrintfA (tmpstr, sizeof(tmpstr), "Cannot load file \n'%s'", szTmpFilePath);
remove (outputFile);
PkgError (tmpstr);
goto err;
@@ -436,7 +437,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
}
}
- sprintf (tmpStr, "Self-extracting package successfully created (%s)", outputFile);
+ StringCbPrintfA (tmpStr, sizeof(tmpStr), "Self-extracting package successfully created (%s)", outputFile);
PkgInfo (tmpStr);
return TRUE;
@@ -697,7 +698,7 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
wchar_t szTmp[TC_MAX_PATH];
handleWin32Error (hwndDlg);
- wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), DestExtractPath);
+ StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), DestExtractPath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
bSuccess = FALSE;
goto eaf_end;
@@ -710,10 +711,9 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
char filePath [TC_MAX_PATH] = {0};
// Filename
- strncpy (fileName, Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength);
- fileName [Decompressed_Files[fileNo].fileNameLength] = 0;
- strcpy (filePath, DestExtractPath);
- strcat (filePath, fileName);
+ StringCbCopyNA (fileName, sizeof(fileName), Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength);
+ StringCbCopyA (filePath, sizeof(filePath), DestExtractPath);
+ StringCbCatA (filePath, sizeof(filePath), fileName);
StatusMessageParam (hwndDlg, "EXTRACTING_VERB", filePath);
@@ -726,7 +726,7 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
{
wchar_t szTmp[512];
- _snwprintf (szTmp, sizeof (szTmp) / 2, GetString ("CANNOT_WRITE_FILE_X"), filePath);
+ StringCbPrintfW (szTmp, sizeof (szTmp), GetString ("CANNOT_WRITE_FILE_X"), filePath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST);
bSuccess = FALSE;
goto eaf_end;
diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index e41642f8..ea315b56 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -44,6 +44,8 @@ using namespace VeraCrypt;
#pragma warning( default : 4201 )
#pragma warning( default : 4115 )
+#include <Strsafe.h>
+
char InstallationPath[TC_MAX_PATH];
char SetupFilesDir[TC_MAX_PATH];
char UninstallBatch[MAX_PATH];
@@ -194,7 +196,7 @@ void StatusMessageParam (HWND hwndDlg, char *stringId, char *param)
if (Rollback)
return;
- wsprintfW (szTmp, L"%s %hs", GetString (stringId), param);
+ StringCbPrintfW (szTmp, sizeof(szTmp), L"%s %hs", GetString (stringId), param);
SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) szTmp);
SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX,
@@ -296,7 +298,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
return FALSE;
if (szDestDir[x - 1] != '\\')
- strcat (szDestDir, "\\");
+ StringCbCatA (szDestDir, MAX_PATH, "\\");
for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++)
{
@@ -313,16 +315,16 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
}
if (*szFiles[i] == 'A')
- strcpy (szDir, szDestDir);
+ StringCbCopyA (szDir, sizeof(szDir), szDestDir);
else if (*szFiles[i] == 'D')
{
GetSystemDirectory (szDir, sizeof (szDir));
x = strlen (szDir);
if (szDir[x - 1] != '\\')
- strcat (szDir, "\\");
+ StringCbCatA (szDir, sizeof(szDir), "\\");
- strcat (szDir, "Drivers\\");
+ StringCbCatA (szDir, sizeof(szDir), "Drivers\\");
}
else if (*szFiles[i] == 'W')
GetWindowsDirectory (szDir, sizeof (szDir));
@@ -330,7 +332,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
if (*szFiles[i] == 'I')
continue;
- sprintf (szTmp, "%s%s", szDir, szFiles[i] + 1);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, szFiles[i] + 1);
if (bUninstall == FALSE)
CopyMessage (hwndDlg, szTmp);
@@ -354,14 +356,14 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
{
BOOL driver64 = FALSE;
- strncpy (curFileName, szFiles[i] + 1, strlen (szFiles[i]) - 1);
+ StringCbCopyNA (curFileName, sizeof(curFileName), szFiles[i] + 1, strlen (szFiles[i]) - 1);
curFileName [strlen (szFiles[i]) - 1] = 0;
if (Is64BitOs ()
&& strcmp (szFiles[i], "Dveracrypt.sys") == 0)
{
driver64 = TRUE;
- strncpy (curFileName, FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER));
+ StringCbCopyNA (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER));
}
if (!bDevm)
@@ -456,9 +458,9 @@ err:
if (bUninstall == FALSE)
- wsprintfW (szTmp2, GetString ("INSTALL_OF_FAILED"), szTmp, lpMsgBuf);
+ StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("INSTALL_OF_FAILED"), szTmp, lpMsgBuf);
else
- wsprintfW (szTmp2, GetString ("UNINSTALL_OF_FAILED"), szTmp, lpMsgBuf);
+ StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("UNINSTALL_OF_FAILED"), szTmp, lpMsgBuf);
LocalFree (lpMsgBuf);
@@ -479,7 +481,7 @@ err:
if (h != INVALID_HANDLE_VALUE)
{
char d[MAX_PATH*2];
- sprintf (d, "%s%s", szDestDir, f.cFileName);
+ StringCbPrintfA (d, sizeof(d), "%s%s", szDestDir, f.cFileName);
CopyMessage (hwndDlg, d);
TCCopyFile (f.cFileName, d);
FindClose (h);
@@ -491,7 +493,7 @@ err:
if (h != INVALID_HANDLE_VALUE)
{
char d[MAX_PATH*2];
- sprintf (d, "%s%s", szDestDir, f.cFileName);
+ StringCbPrintfA (d, sizeof(d), "%s%s", szDestDir, f.cFileName);
CopyMessage (hwndDlg, d);
TCCopyFile (f.cFileName, d);
FindClose (h);
@@ -516,10 +518,10 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt",
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) == ERROR_SUCCESS)
{
- strcpy (szTmp, VERSION_STRING);
+ StringCbCopyA (szTmp, sizeof(szTmp), VERSION_STRING);
RegSetValueEx (hkey, "DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1);
- strcpy (szTmp, TC_HOMEPAGE);
+ StringCbCopyA (szTmp, sizeof(szTmp), TC_HOMEPAGE);
RegSetValueEx (hkey, "URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1);
RegCloseKey (hkey);
@@ -528,7 +530,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
return TRUE;
}
- strcpy (szDir, szDestDir);
+ StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@@ -536,7 +538,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
bSlash = FALSE;
if (bSlash == FALSE)
- strcat (szDir, "\\");
+ StringCbCatA (szDir, sizeof(szDir), "\\");
if (bInstallType)
{
@@ -548,11 +550,11 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, "VeraCrypt Volume");
+ StringCbCopyA (szTmp, sizeof(szTmp), "VeraCrypt Volume");
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- sprintf (szTmp, "%ws", TC_APPLICATION_ID);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%ws", TC_APPLICATION_ID);
if (RegSetValueEx (hkey, "AppUserModelID", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@@ -566,7 +568,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
- sprintf (szTmp, "%sVeraCrypt.exe,1", szDir);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%sVeraCrypt.exe,1", szDir);
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@@ -580,7 +582,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
- sprintf (szTmp, "\"%sVeraCrypt.exe\" /v \"%%1\"", szDir );
+ StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt.exe\" /v \"%%1\"", szDir );
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@@ -601,7 +603,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, "VeraCryptVolume");
+ StringCbCopyA (szTmp, sizeof(szTmp), "VeraCryptVolume");
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@@ -620,31 +622,31 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
goto error;
/* IMPORTANT: IF YOU CHANGE THIS IN ANY WAY, REVISE AND UPDATE SetInstallationPath() ACCORDINGLY! */
- sprintf (szTmp, "\"%sVeraCrypt Setup.exe\" /u", szDir);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\" /u", szDir);
if (RegSetValueEx (hkey, "UninstallString", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- sprintf (szTmp, "\"%sVeraCrypt Setup.exe\" /c", szDir);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\" /c", szDir);
if (RegSetValueEx (hkey, "ModifyPath", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- sprintf (szTmp, "\"%sVeraCrypt Setup.exe\"", szDir);
+ StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\"", szDir);
if (RegSetValueEx (hkey, "DisplayIcon", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, VERSION_STRING);
+ StringCbCopyA (szTmp, sizeof(szTmp), VERSION_STRING);
if (RegSetValueEx (hkey, "DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, "VeraCrypt");
+ StringCbCopyA (szTmp, sizeof(szTmp), "VeraCrypt");
if (RegSetValueEx (hkey, "DisplayName", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, "IDRIX");
+ StringCbCopyA (szTmp, sizeof(szTmp), "IDRIX");
if (RegSetValueEx (hkey, "Publisher", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
- strcpy (szTmp, TC_HOMEPAGE);
+ StringCbCopyA (szTmp, sizeof(szTmp), TC_HOMEPAGE);
if (RegSetValueEx (hkey, "URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@@ -682,35 +684,35 @@ BOOL DoApplicationDataUninstall (HWND hwndDlg)
StatusMessage (hwndDlg, "REMOVING_APPDATA");
SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path);
- strcat (path, "\\VeraCrypt\\");
+ StringCbCatA (path, sizeof(path), "\\VeraCrypt\\");
// Delete favorite volumes file
- sprintf (path2, "%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES);
+ StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete keyfile defaults
- sprintf (path2, "%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES);
+ StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete history file
- sprintf (path2, "%s%s", path, TC_APPD_FILENAME_HISTORY);
+ StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_HISTORY);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete configuration file
- sprintf (path2, "%s%s", path, TC_APPD_FILENAME_CONFIGURATION);
+ StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_CONFIGURATION);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete system encryption configuration file
- sprintf (path2, "%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION);
+ StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path);
- strcat (path, "\\VeraCrypt");
+ StringCbCatA (path, sizeof(path), "\\VeraCrypt");
RemoveMessage (hwndDlg, path);
if (!StatRemoveDirectory (path))
{
@@ -746,7 +748,7 @@ BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated)
if (!bRemoveDeprecated)
{
- GetStartupRegKeyName (regk);
+ GetStartupRegKeyName (regk, sizeof(regk));
DeleteRegistryValue (regk, "VeraCrypt");
RegDeleteKey (HKEY_LOCAL_MACHINE, "Software\\Classes\\.hc");
@@ -1113,9 +1115,9 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
bSlash = FALSE;
if (bSlash == FALSE)
- strcat (szLinkDir, "\\");
+ StringCbCatA (szLinkDir, sizeof(szLinkDir), "\\");
- strcat (szLinkDir, "VeraCrypt");
+ StringCbCatA (szLinkDir, sizeof(szLinkDir), "VeraCrypt");
// Global start menu
{
@@ -1123,32 +1125,32 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
char path[TC_MAX_PATH];
SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0);
- strcat (path, "\\VeraCrypt");
+ StringCbCatA (path, sizeof(path), "\\VeraCrypt");
if (_stat (path, &st) == 0)
{
- strcpy (szLinkDir, path);
+ StringCbCopyA (szLinkDir, sizeof(szLinkDir), path);
allUsers = TRUE;
}
}
// Start menu entries
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt Website.url");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt Website.url");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
- sprintf (szTmp2, "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
DeleteFile (szTmp2);
// Start menu group
@@ -1163,7 +1165,7 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
else
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0);
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
@@ -1199,11 +1201,11 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
- strcat (szLinkDir, "\\");
+ StringCbCatA (szLinkDir, sizeof(szLinkDir), "\\");
- strcat (szLinkDir, "VeraCrypt");
+ StringCbCatA (szLinkDir, sizeof(szLinkDir), "VeraCrypt");
- strcpy (szDir, szDestDir);
+ StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@@ -1211,7 +1213,7 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
- strcat (szDir, "\\");
+ StringCbCatA (szDir, sizeof(szDir), "\\");
if (bProgGroup)
{
@@ -1221,23 +1223,23 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
{
if (mkfulldir (szLinkDir, FALSE) != 0)
{
- wchar_t szTmp[TC_MAX_PATH];
+ wchar_t szTmpW[TC_MAX_PATH];
handleWin32Error (hwndDlg);
- wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), szLinkDir);
- MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
+ StringCbPrintfW (szTmpW, sizeof(szTmpW), GetString ("CANT_CREATE_FOLDER"), szLinkDir);
+ MessageBoxW (hwndDlg, szTmpW, lpszTitle, MB_ICONHAND);
goto error;
}
}
- sprintf (szTmp, "%s%s", szDir, "VeraCrypt.exe");
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt.exe");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
IconMessage (hwndDlg, szTmp2);
if (CreateLink (szTmp, "", szTmp2) != S_OK)
goto error;
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt Website.url");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt Website.url");
IconMessage (hwndDlg, szTmp2);
f = fopen (szTmp2, "w");
if (f)
@@ -1250,21 +1252,21 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
else
goto error;
- sprintf (szTmp, "%s%s", szDir, "VeraCrypt Setup.exe");
- sprintf (szTmp2, "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
- strcpy (szTmp3, "/u");
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt Setup.exe");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
+ StringCbCopyA (szTmp3, sizeof(szTmp3), "/u");
IconMessage (hwndDlg, szTmp2);
if (CreateLink (szTmp, szTmp3, szTmp2) != S_OK)
goto error;
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
DeleteFile (szTmp2);
}
if (bDesktopIcon)
{
- strcpy (szDir, szDestDir);
+ StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@@ -1272,15 +1274,15 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
- strcat (szDir, "\\");
+ StringCbCatA (szDir, sizeof(szDir), "\\");
if (bForAllUsers)
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0);
else
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0);
- sprintf (szTmp, "%s%s", szDir, "VeraCrypt.exe");
- sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt.exe");
+ StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
IconMessage (hwndDlg, szTmp2);
@@ -1318,7 +1320,7 @@ void OutcomePrompt (HWND hwndDlg, BOOL bOK)
{
wchar_t str[4096];
- swprintf (str, GetString ("UNINSTALL_OK"), InstallationPath);
+ StringCbPrintfW (str, sizeof(str), GetString ("UNINSTALL_OK"), InstallationPath);
MessageBoxW (hwndDlg, str, lpszTitle, MB_ICONASTERISK);
}
}
@@ -1355,7 +1357,7 @@ static void SetSystemRestorePoint (HWND hwndDlg, BOOL finalize)
RestPtInfo.dwEventType = BEGIN_SYSTEM_CHANGE;
RestPtInfo.dwRestorePtType = bUninstall ? APPLICATION_UNINSTALL : APPLICATION_INSTALL | DEVICE_DRIVER_INSTALL;
RestPtInfo.llSequenceNumber = 0;
- strcpy (RestPtInfo.szDescription, bUninstall ? "VeraCrypt uninstallation" : "VeraCrypt installation");
+ StringCbCopyA (RestPtInfo.szDescription, sizeof(RestPtInfo.szDescription), bUninstall ? "VeraCrypt uninstallation" : "VeraCrypt installation");
if(!_SRSetRestorePoint (&RestPtInfo, &SMgrStatus))
{
@@ -1430,7 +1432,7 @@ void DoUninstall (void *arg)
DoServiceUninstall (hwndDlg, "VeraCryptService");
GetTempPath (sizeof (temp), temp);
- _snprintf (UninstallBatch, sizeof (UninstallBatch), "%s\\VeraCrypt-Uninstall.bat", temp);
+ StringCbPrintfA (UninstallBatch, sizeof (UninstallBatch), "%s\\VeraCrypt-Uninstall.bat", temp);
UninstallBatch [sizeof(UninstallBatch)-1] = 0;
@@ -1494,7 +1496,7 @@ void DoInstall (void *arg)
wchar_t szTmp[TC_MAX_PATH];
handleWin32Error (hwndDlg);
- wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), InstallationPath);
+ StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), InstallationPath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
Error ("INSTALL_FAILED");
PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0);
@@ -1556,7 +1558,7 @@ void DoInstall (void *arg)
UpdateProgressBarProc(61);
GetWindowsDirectory (path, sizeof (path));
- strcat_s (path, sizeof (path), "\\VeraCrypt Setup.exe");
+ StringCbCatA (path, sizeof (path), "\\VeraCrypt Setup.exe");
DeleteFile (path);
if (UpdateProgressBarProc(63) && UnloadDriver && DoServiceUninstall (hwndDlg, "veracrypt") == FALSE)
@@ -1715,7 +1717,7 @@ void SetInstallationPath (HWND hwndDlg)
// 4.3 or later
len = strrchr (rv, '/') - rv - 2;
- strncpy (InstallationPath, rv + 1, len);
+ StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv + 1, len);
InstallationPath [len] = 0;
bInstallPathDetermined = TRUE;
@@ -1734,7 +1736,7 @@ void SetInstallationPath (HWND hwndDlg)
{
// 4.0-4.2a
- strncpy (InstallationPath, rv + len + 3, strlen (rv) - len - 3);
+ StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv + len + 3, strlen (rv) - len - 3);
InstallationPath [strlen (rv) - len - 3] = 0;
bInstallPathDetermined = TRUE;
}
@@ -1748,7 +1750,7 @@ void SetInstallationPath (HWND hwndDlg)
Error ("UNINSTALL_OLD_VERSION_FIRST");
len = strrchr (rv, '/') - rv - 1;
- strncpy (InstallationPath, rv, len); // Path and filename of the uninstaller
+ StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv, len); // Path and filename of the uninstaller
InstallationPath [len] = 0;
bInstallPathDetermined = FALSE;
@@ -1778,7 +1780,7 @@ void SetInstallationPath (HWND hwndDlg)
}
else
{
- /* TrueCypt is not installed or it wasn't possible to determine where it is installed. */
+ /* VeraCrypt is not installed or it wasn't possible to determine where it is installed. */
// Default "Program Files" path.
SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList);
@@ -1793,18 +1795,18 @@ void SetInstallationPath (HWND hwndDlg)
{
s = s.substr (0, p);
if (_access (s.c_str(), 0) != -1)
- strcpy_s (path, sizeof (path), s.c_str());
+ StringCbCopyA (path, sizeof (path), s.c_str());
}
}
- strncat (path, "\\VeraCrypt\\", min (strlen("\\VeraCrypt\\"), sizeof(path)-strlen(path)-1));
- strncpy (InstallationPath, path, sizeof(InstallationPath)-1);
+ StringCbCatA (path, sizeof(path), "\\VeraCrypt\\");
+ StringCbCopyA (InstallationPath, sizeof(InstallationPath), path);
}
// Make sure the path ends with a backslash
if (InstallationPath [strlen (InstallationPath) - 1] != '\\')
{
- strcat (InstallationPath, "\\");
+ StringCbCatA (InstallationPath, sizeof(InstallationPath), "\\");
}
}
@@ -2014,10 +2016,10 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
char dllPath[MAX_PATH];
if (GetSystemDirectory (dllPath, MAX_PATH))
{
- strcat(dllPath, "\\srclient.dll");
+ StringCbCatA(dllPath, sizeof(dllPath), "\\srclient.dll");
}
else
- strcpy(dllPath, "C:\\Windows\\System32\\srclient.dll");
+ StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\srclient.dll");
SystemRestoreDll = LoadLibrary (dllPath);
if (!bUninstall)
diff --git a/src/Setup/Wizard.c b/src/Setup/Wizard.c
index abcbeb47..afb3be39 100644
--- a/src/Setup/Wizard.c
+++ b/src/Setup/Wizard.c
@@ -21,6 +21,7 @@
#include "Common/Resource.h"
#include "Resource.h"
#include "Setup.h"
+#include <Strsafe.h>
using namespace std;
@@ -91,10 +92,10 @@ static void InitWizardDestInstallPath (void)
{
if (strlen (WizardDestInstallPath) < 2)
{
- strcpy (WizardDestInstallPath, InstallationPath);
+ StringCbCopyA (WizardDestInstallPath, sizeof(WizardDestInstallPath), InstallationPath);
if (WizardDestInstallPath [strlen (WizardDestInstallPath) - 1] != '\\')
{
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
}
}
@@ -213,7 +214,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case WM_INITDIALOG:
LocalizeDialog (hwndDlg, "IDD_INSTL_DLG");
- sprintf (PageDebugId, "SETUP_WIZARD_PAGE_%d", nCurPageNo);
+ StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "SETUP_WIZARD_PAGE_%d", nCurPageNo);
LastDialogId = PageDebugId;
switch (nCurPageNo)
@@ -307,8 +308,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (strlen(WizardDestExtractPath) < 2)
{
- strcpy (WizardDestExtractPath, SetupFilesDir);
- strncat (WizardDestExtractPath, "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
+ StringCbCopyA (WizardDestExtractPath, sizeof(WizardDestExtractPath), SetupFilesDir);
+ StringCbCatNA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
}
SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0);
@@ -351,9 +352,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE);
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
- strcat (WizardDestExtractPath, "\\");
+ StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
- strcpy (DestExtractPath, WizardDestExtractPath);
+ StringCbCopyA (DestExtractPath, sizeof(DestExtractPath), WizardDestExtractPath);
InitProgressBar ();
@@ -454,9 +455,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
InitProgressBar ();
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
- strcpy (InstallationPath, WizardDestInstallPath);
+ StringCbCopyA (InstallationPath, sizeof(InstallationPath), WizardDestInstallPath);
WaitCursor ();
@@ -544,7 +545,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
memset (&lf, 0, sizeof(lf));
// Main font
- wcsncpy (lf.lfFaceName, L"Times New Roman", sizeof (lf.lfFaceName)/2);
+ StringCbCopyW (lf.lfFaceName, sizeof (lf.lfFaceName),L"Times New Roman");
lf.lfHeight = CompensateDPIFont (-21);
lf.lfWeight = FW_NORMAL;
lf.lfWidth = 0;
@@ -626,7 +627,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
{
- strcat (WizardDestExtractPath, "\\");
+ StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath);
}
@@ -647,7 +648,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
{
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath);
}
@@ -684,7 +685,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
char tmpstr [200];
- sprintf (tmpstr, "&ref=%d", DonColorSchemeId);
+ StringCbPrintfA (tmpstr, sizeof(tmpstr), "&ref=%d", DonColorSchemeId);
Applink ("donate", FALSE, tmpstr);
}