VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-14 15:41:09 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 22:21:27 (GMT)
commitc220db01281564bf5b50575ee7e24b38e45f5050 (patch)
tree5e66aa935ec029ca2bac6fa282f4c18710fc2d0d /src/Common
parentc01f392a7ba1d5cdd4aa182eeb273cf41717d94f (diff)
downloadVeraCrypt-c220db01281564bf5b50575ee7e24b38e45f5050.zip
VeraCrypt-c220db01281564bf5b50575ee7e24b38e45f5050.tar.gz
Static Code Analysis : Generalize the use of Safe String functions. Add some NULL pointer checks. Avoid false-positive detection in AppendMenu (MF_SEPARATOR) calls by setting the last parameter to "" instead of NULL.
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/BootEncryption.cpp32
-rw-r--r--src/Common/Cmdline.c11
-rw-r--r--src/Common/Format.c14
-rw-r--r--src/Common/Keyfiles.c109
-rw-r--r--src/Common/Language.c50
-rw-r--r--src/Common/Progress.c32
-rw-r--r--src/Common/Random.c7
-rw-r--r--src/Common/Tcdefs.h2
-rw-r--r--src/Common/Volumes.c14
9 files changed, 165 insertions, 106 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 1a467ee..0fec287 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -32,6 +32,8 @@
#include "Mount/MainCom.h"
#endif
+#include <Strsafe.h>
+
namespace VeraCrypt
{
#if !defined (SETUP)
@@ -604,7 +606,7 @@ namespace VeraCrypt
GetSystemDriveConfiguration();
ProbeRealDriveSizeRequest request;
- _snwprintf (request.DeviceName, array_capacity (request.DeviceName), L"%hs", DriveConfig.DrivePartition.DevicePath.c_str());
+ StringCbPrintfW (request.DeviceName, sizeof (request.DeviceName), L"%hs", DriveConfig.DrivePartition.DevicePath.c_str());
CallDriver (TC_IOCTL_PROBE_REAL_DRIVE_SIZE, &request, sizeof (request), &request, sizeof (request));
DriveConfig.DrivePartition.Info.PartitionLength = request.RealDriveSize;
@@ -633,7 +635,7 @@ namespace VeraCrypt
partPath << "\\Device\\Harddisk" << driveNumber << "\\Partition" << partNumber;
DISK_PARTITION_INFO_STRUCT diskPartInfo;
- _snwprintf (diskPartInfo.deviceName, array_capacity (diskPartInfo.deviceName), L"%hs", partPath.str().c_str());
+ StringCbPrintfW (diskPartInfo.deviceName, sizeof (diskPartInfo.deviceName), L"%hs", partPath.str().c_str());
try
{
@@ -663,7 +665,7 @@ namespace VeraCrypt
// Volume ID
wchar_t volumePath[TC_MAX_PATH];
- if (ResolveSymbolicLink ((wchar_t *) ws.str().c_str(), volumePath))
+ if (ResolveSymbolicLink ((wchar_t *) ws.str().c_str(), volumePath, sizeof(volumePath)))
{
wchar_t volumeName[TC_MAX_PATH];
HANDLE fh = FindFirstVolumeW (volumeName, array_capacity (volumeName));
@@ -742,8 +744,8 @@ namespace VeraCrypt
memset (&openTestStruct, 0, sizeof (openTestStruct));
DWORD dwResult;
- strcpy ((char *) &openTestStruct.wszFileName[0], devicePath);
- ToUNICODE ((char *) &openTestStruct.wszFileName[0]);
+ StringCbCopyA ((char *) &openTestStruct.wszFileName[0], sizeof(openTestStruct.wszFileName),devicePath);
+ ToUNICODE ((char *) &openTestStruct.wszFileName[0], sizeof(openTestStruct.wszFileName));
openTestStruct.bDetectTCBootLoader = TRUE;
@@ -844,7 +846,7 @@ namespace VeraCrypt
bool BootEncryption::SystemDriveIsDynamic ()
{
GetSystemDriveConfigurationRequest request;
- _snwprintf (request.DevicePath, array_capacity (request.DevicePath), L"%hs", GetSystemDriveConfiguration().DeviceKernelPath.c_str());
+ StringCbPrintfW (request.DevicePath, sizeof (request.DevicePath), L"%hs", GetSystemDriveConfiguration().DeviceKernelPath.c_str());
CallDriver (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, &request, sizeof (request), &request, sizeof (request));
return request.DriveIsDynamic ? true : false;
@@ -1095,7 +1097,7 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
GetSystemDriveConfigurationRequest request;
- _snwprintf (request.DevicePath, array_capacity (request.DevicePath), L"%hs", GetSystemDriveConfiguration().DeviceKernelPath.c_str());
+ StringCbPrintfW (request.DevicePath, sizeof (request.DevicePath), L"%hs", GetSystemDriveConfiguration().DeviceKernelPath.c_str());
try
{
@@ -1402,8 +1404,10 @@ namespace VeraCrypt
memset (image, 0, RescueIsoImageSize);
// Primary volume descriptor
- strcpy ((char *)image + 0x8000, "\001CD001\001");
- strcpy ((char *)image + 0x7fff + 41, "VeraCrypt Rescue Disk ");
+ const char* szPrimVolDesc = "\001CD001\001";
+ const char* szPrimVolLabel = "VeraCrypt Rescue Disk ";
+ memcpy (image + 0x8000, szPrimVolDesc, strlen(szPrimVolDesc) + 1);
+ memcpy (image + 0x7fff + 41, szPrimVolLabel, strlen(szPrimVolLabel) + 1);
*(uint32 *) (image + 0x7fff + 81) = RescueIsoImageSize / 2048;
*(uint32 *) (image + 0x7fff + 85) = BE32 (RescueIsoImageSize / 2048);
image[0x7fff + 121] = 1;
@@ -1420,11 +1424,13 @@ namespace VeraCrypt
image[0x7fff + 159] = 0x18;
// Boot record volume descriptor
- strcpy ((char *)image + 0x8801, "CD001\001EL TORITO SPECIFICATION");
+ const char* szBootRecDesc = "CD001\001EL TORITO SPECIFICATION";
+ memcpy (image + 0x8801, szBootRecDesc, strlen(szBootRecDesc) + 1);
image[0x8800 + 0x47] = 0x19;
// Volume descriptor set terminator
- strcpy ((char *)image + 0x9000, "\377CD001\001");
+ const char* szVolDescTerm = "\377CD001\001";
+ memcpy (image + 0x9000, szVolDescTerm, strlen(szVolDescTerm) + 1);
// Path table
image[0xA000 + 0] = 1;
@@ -1722,7 +1728,7 @@ namespace VeraCrypt
DWORD size = sizeof (regKeyBuf) - strSize;
// SetupInstallFromInfSection() does not support prepending of values so we have to modify the registry directly
- strncpy ((char *) regKeyBuf, filter.c_str(), sizeof (regKeyBuf));
+ StringCbCopyA ((char *) regKeyBuf, sizeof(regKeyBuf), filter.c_str());
if (RegQueryValueEx (regKey, filterReg.c_str(), NULL, NULL, regKeyBuf + strSize, &size) != ERROR_SUCCESS)
size = 1;
@@ -2318,7 +2324,7 @@ namespace VeraCrypt
void BootEncryption::RestrictPagingFilesToSystemPartition ()
{
char pagingFiles[128];
- strncpy (pagingFiles, "X:\\pagefile.sys 0 0", sizeof (pagingFiles));
+ StringCbCopyA (pagingFiles, sizeof(pagingFiles), "X:\\pagefile.sys 0 0");
pagingFiles[0] = GetWindowsDirectory()[0];
throw_sys_if (!WriteLocalMachineRegistryMultiString ("System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", "PagingFiles", pagingFiles, strlen (pagingFiles) + 2));
diff --git a/src/Common/Cmdline.c b/src/Common/Cmdline.c
index 35507c2..f1f9a8f 100644
--- a/src/Common/Cmdline.c
+++ b/src/Common/Cmdline.c
@@ -20,6 +20,7 @@
#include "Apidrvr.h"
#include "Dlgcode.h"
#include "Language.h"
+#include <Strsafe.h>
/* Except in response to the WM_INITDIALOG message, the dialog box procedure
should return nonzero if it processes the message, and zero if it does
@@ -44,13 +45,13 @@ BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
*tmp = 0;
- strcpy (tmp, "Command line options:\n\n");
+ StringCbCopyA (tmp, 8192, "Command line options:\n\n");
for (i = 0; i < as->arg_cnt; i ++)
{
if (!as->args[i].Internal)
{
- sprintf(tmp2, "%s\t%s\n", as->args[i].short_name, as->args[i].long_name);
- strcat(tmp,tmp2);
+ StringCchPrintf(tmp2, MAX_PATH * 2, "%s\t%s\n", as->args[i].short_name, as->args[i].long_name);
+ StringCchCat(tmp, 8192, tmp2);
}
}
@@ -220,7 +221,7 @@ int GetArgumentValue (char **lpszCommandLineArgs, int nArgPos, int *nArgIdx,
{
/* Handles the case of no space between parameter code and
value */
- strncpy (lpszValue, &lpszCommandLineArgs[*nArgIdx][nArgPos], nValueSize);
+ StringCbCopyA (lpszValue, nValueSize, &lpszCommandLineArgs[*nArgIdx][nArgPos]);
lpszValue[nValueSize - 1] = 0;
return HAS_ARGUMENT;
}
@@ -231,7 +232,7 @@ int GetArgumentValue (char **lpszCommandLineArgs, int nArgPos, int *nArgIdx,
{
/* Handles the case of space between parameter code
and value */
- strncpy (lpszValue, &lpszCommandLineArgs[*nArgIdx + 1][x], nValueSize);
+ StringCbCopyA (lpszValue, nValueSize, &lpszCommandLineArgs[*nArgIdx + 1][x]);
lpszValue[nValueSize - 1] = 0;
(*nArgIdx)++;
return HAS_ARGUMENT;
diff --git a/src/Common/Format.c b/src/Common/Format.c
index 25f20ac..ad6be02 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -29,6 +29,8 @@
#include "Format/FormatCom.h"
#include "Format/Tcformat.h"
+#include <Strsafe.h>
+
int FormatWriteBufferSize = 1024 * 1024;
static uint32 FormatSectorSize = 0;
@@ -129,8 +131,8 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
if (volParams->bDevice)
{
- strcpy ((char *)deviceName, volParams->volumePath);
- ToUNICODE ((char *)deviceName);
+ StringCbCopyA ((char *)deviceName, sizeof(deviceName), volParams->volumePath);
+ ToUNICODE ((char *)deviceName, sizeof(deviceName));
driveLetter = GetDiskDeviceDriveLetter (deviceName);
}
@@ -170,7 +172,7 @@ begin_format:
DWORD dwResult;
int nPass;
- if (FakeDosNameForDevice (volParams->volumePath, dosDev, devName, FALSE) != 0)
+ if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0)
return ERR_OS_ERROR;
if (IsDeviceMounted (devName))
@@ -803,10 +805,10 @@ BOOL FormatNtfs (int driveNo, int clusterSize)
if (GetSystemDirectory (dllPath, MAX_PATH))
{
- strcat(dllPath, "\\fmifs.dll");
+ StringCbCatA(dllPath, sizeof(dllPath), "\\fmifs.dll");
}
else
- strcpy(dllPath, "C:\\Windows\\System32\\fmifs.dll");
+ StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\fmifs.dll");
hModule = LoadLibrary (dllPath);
@@ -819,7 +821,7 @@ BOOL FormatNtfs (int driveNo, int clusterSize)
return FALSE;
}
- wcscat (dir, L":\\");
+ StringCbCatW (dir, sizeof(dir), L":\\");
FormatExResult = FALSE;
diff --git a/src/Common/Keyfiles.c b/src/Common/Keyfiles.c
index e7e55ca..4a6baf4 100644
--- a/src/Common/Keyfiles.c
+++ b/src/Common/Keyfiles.c
@@ -23,11 +23,12 @@
#include "Platform/Finally.h"
#include "Platform/ForEach.h"
+#include <Strsafe.h>
+
using namespace VeraCrypt;
#define stat _stat
#define S_IFDIR _S_IFDIR
-#define snprintf _snprintf
BOOL HiddenFilesPresentInKeyfilePath = FALSE;
@@ -97,13 +98,16 @@ void KeyFileRemoveAll (KeyFile **firstKeyFile)
KeyFile *KeyFileClone (KeyFile *keyFile)
{
- KeyFile *clone;
+ KeyFile *clone = NULL;
if (keyFile == NULL) return NULL;
clone = (KeyFile *) malloc (sizeof (KeyFile));
- strcpy (clone->FileName, keyFile->FileName);
- clone->Next = NULL;
+ if (clone)
+ {
+ StringCbCopyA (clone->FileName, sizeof(clone->FileName), keyFile->FileName);
+ clone->Next = NULL;
+ }
return clone;
}
@@ -298,7 +302,7 @@ BOOL KeyFilesApply (Password *password, KeyFile *firstKeyFile)
/* Find and process all keyfiles in the directory */
int keyfileCount = 0;
- snprintf (searchPath, sizeof (searchPath), "%s\\*.*", kf->FileName);
+ StringCbPrintfA (searchPath, sizeof (searchPath), "%s\\*.*", kf->FileName);
if ((searchHandle = _findfirst (searchPath, &fBuf)) == -1)
{
handleWin32Error (MainDlg);
@@ -311,7 +315,7 @@ BOOL KeyFilesApply (Password *password, KeyFile *firstKeyFile)
{
WIN32_FILE_ATTRIBUTE_DATA fileAttributes;
- snprintf (kfSub->FileName, sizeof(kfSub->FileName), "%s%c%s", kf->FileName,
+ StringCbPrintfA (kfSub->FileName, sizeof(kfSub->FileName), "%s%c%s", kf->FileName,
'\\',
fBuf.name
);
@@ -462,18 +466,21 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
if (lw == IDC_KEYADD)
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
- if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, bHistory))
+ if (kf)
{
- do
+ if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory))
{
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- LoadKeyList (hwndDlg, param->FirstKeyFile);
+ do
+ {
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ LoadKeyList (hwndDlg, param->FirstKeyFile);
- kf = (KeyFile *) malloc (sizeof (KeyFile));
- } while (SelectMultipleFilesNext (kf->FileName));
- }
+ kf = (KeyFile *) malloc (sizeof (KeyFile));
+ } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName)));
+ }
- free (kf);
+ free (kf);
+ }
return 1;
}
@@ -501,10 +508,13 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles)
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
- strcpy_s (kf->FileName, sizeof (kf->FileName), WideToSingleString (keyPath).c_str());
+ if (kf)
+ {
+ strcpy_s (kf->FileName, sizeof (kf->FileName), WideToSingleString (keyPath).c_str());
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- LoadKeyList (hwndDlg, param->FirstKeyFile);
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ LoadKeyList (hwndDlg, param->FirstKeyFile);
+ }
}
}
@@ -574,9 +584,12 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
while (count-- > 0)
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
- DragQueryFile (hdrop, i++, kf->FileName, sizeof (kf->FileName));
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- LoadKeyList (hwndDlg, param->FirstKeyFile);
+ if (kf)
+ {
+ DragQueryFile (hdrop, i++, kf->FileName, sizeof (kf->FileName));
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ LoadKeyList (hwndDlg, param->FirstKeyFile);
+ }
}
DragFinish (hdrop);
@@ -614,6 +627,8 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *param)
{
HMENU popup = CreatePopupMenu ();
+ if (!popup)
+ return FALSE;
int sel;
BOOL status = FALSE;
@@ -628,35 +643,40 @@ BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *par
case IDM_KEYFILES_POPUP_ADD_FILES:
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
- if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, bHistory))
+ if (kf)
{
- do
+ if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory))
{
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- kf = (KeyFile *) malloc (sizeof (KeyFile));
- } while (SelectMultipleFilesNext (kf->FileName));
+ do
+ {
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ kf = (KeyFile *) malloc (sizeof (KeyFile));
+ } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName)));
- param->EnableKeyFiles = TRUE;
- status = TRUE;
- }
+ param->EnableKeyFiles = TRUE;
+ status = TRUE;
+ }
- free (kf);
+ free (kf);
+ }
}
break;
case IDM_KEYFILES_POPUP_ADD_DIR:
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
-
- if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName))
+ if (kf)
{
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- param->EnableKeyFiles = TRUE;
- status = TRUE;
- }
- else
- {
- free (kf);
+ if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName))
+ {
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ param->EnableKeyFiles = TRUE;
+ status = TRUE;
+ }
+ else
+ {
+ free (kf);
+ }
}
}
break;
@@ -669,11 +689,14 @@ BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *par
foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles)
{
KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile));
- strcpy_s (kf->FileName, sizeof (kf->FileName), WideToSingleString (keyPath).c_str());
-
- param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
- param->EnableKeyFiles = TRUE;
- status = TRUE;
+ if (kf)
+ {
+ strcpy_s (kf->FileName, sizeof (kf->FileName), WideToSingleString (keyPath).c_str());
+
+ param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf);
+ param->EnableKeyFiles = TRUE;
+ status = TRUE;
+ }
}
}
}
diff --git a/src/Common/Language.c b/src/Common/Language.c
index b146f82..3ec95db 100644
--- a/src/Common/Language.c
+++ b/src/Common/Language.c
@@ -26,6 +26,8 @@
#include "../Setup/Resource.h"
#endif
+#include <Strsafe.h>
+
BOOL LocalizationActive;
int LocalizationSerialNo;
@@ -68,8 +70,9 @@ static char *MapNextLanguageFile ()
GetModuleFileNameW (NULL, f, sizeof (f) / sizeof (f[0]));
t = wcsrchr (f, L'\\');
if (t == NULL) return NULL;
-
- wcscpy (t, L"\\Language*.xml");
+
+ *t = 0;
+ StringCbCatW (f, sizeof(f), L"\\Language*.xml");
LanguageFileFindHandle = FindFirstFileW (f, &find);
}
@@ -88,14 +91,29 @@ static char *MapNextLanguageFile ()
GetModuleFileNameW (NULL, f, sizeof (f) / sizeof(f[0]));
t = wcsrchr (f, L'\\');
- wcscpy (t + 1, find.cFileName);
+ if (t == NULL)
+ {
+ free(LanguageFileBuffer);
+ return NULL;
+ }
+
+ t[1] = 0;
+ StringCbCatW (f, sizeof(f),find.cFileName);
file = CreateFileW (f, GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
- if (file == INVALID_HANDLE_VALUE) return NULL;
+ if (file == INVALID_HANDLE_VALUE)
+ {
+ free(LanguageFileBuffer);
+ return NULL;
+ }
ReadFile (file, LanguageFileBuffer, find.nFileSizeLow, &read, NULL);
CloseHandle (file);
- if (read != find.nFileSizeLow) return NULL;
+ if (read != find.nFileSizeLow)
+ {
+ free(LanguageFileBuffer);
+ return NULL;
+ }
return LanguageFileBuffer;
}
@@ -130,7 +148,7 @@ BOOL LoadLanguageFile ()
ClearDictionaryPool ();
if (PreferredLangId[0] != 0)
- strcpy (langId, PreferredLangId);
+ StringCbCopyA (langId, sizeof(langId), PreferredLangId);
// Parse all available language files until preferred language is found
for (res = MapFirstLanguageFile (); res != NULL; res = MapNextLanguageFile ())
@@ -147,7 +165,7 @@ BOOL LoadLanguageFile ()
if (defaultLangParsed && strcmp (attr, VERSION_STRING) && strcmp (attr, "DEBUG"))
{
wchar_t m[2048];
- swprintf (m, L"The installed language pack is incompatible with this version of VeraCrypt (the language pack is for VeraCrypt %hs). A newer version may be available at www.idrix.fr.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\VeraCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\VeraCrypt', etc.)", attr);
+ StringCbPrintfW (m, sizeof(m), L"The installed language pack is incompatible with this version of VeraCrypt (the language pack is for VeraCrypt %hs). A newer version may be available at www.idrix.fr.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\VeraCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\VeraCrypt', etc.)", attr);
MessageBoxW (NULL, m, L"VeraCrypt", MB_ICONERROR);
continue;
}
@@ -189,7 +207,7 @@ BOOL LoadLanguageFile ()
XmlGetAttributeText (xml, "size", attr, sizeof (attr));
sscanf (attr, "%d", &font.Size);
- strcpy (attr, "font_");
+ StringCbCopyA (attr, sizeof(attr), "font_");
XmlGetAttributeText (xml, "class", attr + 5, sizeof (attr) - 5);
AddDictionaryEntry (
AddPoolData ((void *) attr, strlen (attr) + 1), 0,
@@ -375,13 +393,13 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
// Language pack version
if (!ActiveLangPackVersion[0] || memcmp (ActiveLangPackVersion, "0.0.0", 5) == 0)
{
- swprintf (szVers, GetString("LANG_PACK_VERSION"), L"--");
+ StringCbPrintfW (szVers, sizeof(szVers), GetString("LANG_PACK_VERSION"), L"--");
}
else
{
nLen = MultiByteToWideChar (CP_UTF8, 0, ActiveLangPackVersion, -1, wversion, sizeof (wversion) / sizeof(wversion[0]));
if (nLen != 0 && nLen != ERROR_NO_UNICODE_TRANSLATION)
- swprintf (szVers, GetString("LANG_PACK_VERSION"), wversion);
+ StringCbPrintfW (szVers, sizeof(szVers),GetString("LANG_PACK_VERSION"), wversion);
}
SetWindowTextW (GetDlgItem (hwndDlg, IDC_LANGPACK_VERSION), szVers);
@@ -394,7 +412,7 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
}
}
- strcpy (lastLangId, attr);
+ StringCbCopyA (lastLangId, sizeof(lastLangId),attr);
langCount++;
}
}
@@ -410,7 +428,7 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
EndDialog (hwndDlg, IDCANCEL);
if (langCount == 2)
- strcpy (PreferredLangId, lastLangId);
+ StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), lastLangId);
EndDialog (hwndDlg, IDOK);
}
@@ -446,7 +464,7 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
}
if (SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETCOUNT, 0, 0) > 1)
- strcpy (PreferredLangId, l);
+ StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), l);
}
}
@@ -465,7 +483,7 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
char tmpstr [256];
if (strlen (ActiveLangPackVersion) > 0 && strlen (GetPreferredLangId()) > 0)
- sprintf (tmpstr, "&langpackversion=%s&lang=%s", ActiveLangPackVersion, GetPreferredLangId());
+ StringCbPrintfA (tmpstr, sizeof(tmpstr), "&langpackversion=%s&lang=%s", ActiveLangPackVersion, GetPreferredLangId());
else
tmpstr[0] = 0;
@@ -488,7 +506,7 @@ char *GetPreferredLangId ()
void SetPreferredLangId (char *langId)
{
- strncpy (PreferredLangId, langId, 5);
+ StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), langId);
}
@@ -503,7 +521,7 @@ wchar_t *GetString (const char *stringId)
WCHAR *str = (WCHAR *) GetDictionaryValue (stringId);
if (str != NULL) return str;
- wsprintfW (UnknownString, UNKNOWN_STRING_ID L"%hs" UNKNOWN_STRING_ID, stringId);
+ StringCbPrintfW (UnknownString, sizeof(UnknownString), UNKNOWN_STRING_ID L"%hs" UNKNOWN_STRING_ID, stringId);
return UnknownString;
}
diff --git a/src/Common/Progress.c b/src/Common/Progress.c
index afa6f64..89697a6 100644
--- a/src/Common/Progress.c
+++ b/src/Common/Progress.c
@@ -17,6 +17,8 @@
#include "../Format/FormatCom.h"
#include "../Format/resource.h"
+#include <Strsafe.h>
+
static ULONG prevTime, startTime;
static __int64 TotalSize;
static __int64 resumedPointBytesDone;
@@ -74,31 +76,31 @@ BOOL UpdateProgressBarProc (__int64 byteOffset)
double perc = (double) (100.0 * (bProgressBarReverse ? ((double) (TotalSize - byteOffset)) : ((double) byteOffset)) / (TotalSize == 0 ? 0.0001 : ((double) TotalSize)));
if (perc > 99.999999999)
- wcscpy (text, GetString ("PROCESSED_PORTION_100_PERCENT"));
+ StringCbCopyW (text,sizeof(text), GetString ("PROCESSED_PORTION_100_PERCENT"));
else
- _snwprintf (text, sizeof text/2, GetString ("PROCESSED_PORTION_X_PERCENT"), perc);
+ StringCbPrintfW (text, sizeof text, GetString ("PROCESSED_PORTION_X_PERCENT"), perc);
- wcscat (speed, L" ");
+ StringCbCatW (speed, sizeof(speed), L" ");
}
else
{
- GetSizeString (bytesDone, text);
+ GetSizeString (bytesDone, text, sizeof(text));
if (bytesDone < (unsigned __int64) BYTES_PER_MB * 1000000)
- swprintf(text, L"%I64d %s ", bytesDone / BYTES_PER_MB, GetString ("MB"));
+ StringCbPrintfW(text, sizeof(text), L"%I64d %s ", bytesDone / BYTES_PER_MB, GetString ("MB"));
else if (bytesDone < (unsigned __int64) BYTES_PER_GB * 1000000)
- swprintf(text, L"%I64d %s ", bytesDone / BYTES_PER_GB, GetString ("GB"));
+ StringCbPrintfW(text, sizeof(text), L"%I64d %s ", bytesDone / BYTES_PER_GB, GetString ("GB"));
else if (bytesDone < (unsigned __int64) BYTES_PER_TB * 1000000)
- swprintf(text, L"%I64d %s ", bytesDone / BYTES_PER_TB, GetString ("TB"));
+ StringCbPrintfW(text, sizeof(text), L"%I64d %s ", bytesDone / BYTES_PER_TB, GetString ("TB"));
else
- swprintf(text, L"%I64d %s ", bytesDone / BYTES_PER_PB, GetString ("PB"));
+ StringCbPrintfW(text, sizeof(text), L"%I64d %s ", bytesDone / BYTES_PER_PB, GetString ("PB"));
}
SetWindowTextW (GetDlgItem (hCurPage, IDC_BYTESWRITTEN), text);
if (!bShowStatus)
{
- GetSpeedString (bRWThroughput ? bytesPerSec*2 : bytesPerSec, speed);
- wcscat (speed, L" ");
+ GetSpeedString (bRWThroughput ? bytesPerSec*2 : bytesPerSec, speed, sizeof(speed));
+ StringCbCatW (speed, sizeof(speed), L" ");
SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), speed);
}
@@ -107,15 +109,15 @@ BOOL UpdateProgressBarProc (__int64 byteOffset)
int64 sec = (int64) ((bProgressBarReverse ? byteOffset : (TotalSize - byteOffset)) / (bytesPerSec == 0 ? 0.001 : bytesPerSec));
if (bytesPerSec == 0 || sec > 60 * 60 * 24 * 999)
- swprintf (text, L"%s ", GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"));
+ StringCbPrintfW (text, sizeof(text), L"%s ", GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"));
else if (sec >= 60 * 60 * 24 * 2)
- swprintf (text, L"%I64d %s ", sec / (60 * 24 * 60), days);
+ StringCbPrintfW (text, sizeof(text), L"%I64d %s ", sec / (60 * 24 * 60), days);
else if (sec >= 120 * 60)
- swprintf (text, L"%I64d %s ", sec / (60 * 60), hours);
+ StringCbPrintfW (text, sizeof(text), L"%I64d %s ", sec / (60 * 60), hours);
else if (sec >= 120)
- swprintf (text, L"%I64d %s ", sec / 60, minutes);
+ StringCbPrintfW (text, sizeof(text), L"%I64d %s ", sec / 60, minutes);
else
- swprintf (text, L"%I64d %s ", sec, seconds);
+ StringCbPrintfW (text, sizeof(text), L"%I64d %s ", sec, seconds);
SetWindowTextW (GetDlgItem (hCurPage, IDC_TIMEREMAIN), text);
}
diff --git a/src/Common/Random.c b/src/Common/Random.c
index c897e3b..445e8f2 100644
--- a/src/Common/Random.c
+++ b/src/Common/Random.c
@@ -12,6 +12,7 @@
#include "Tcdefs.h"
#include "Crc.h"
#include "Random.h"
+#include <Strsafe.h>
static unsigned __int8 buffer[RNG_POOL_SIZE];
static unsigned char *pRandPool = NULL;
@@ -576,10 +577,10 @@ BOOL SlowPoll (void)
char dllPath[MAX_PATH];
if (GetSystemDirectory (dllPath, MAX_PATH))
{
- strcat(dllPath, "\\NETAPI32.DLL");
+ StringCbCatA(dllPath, sizeof(dllPath), "\\NETAPI32.DLL");
}
else
- strcpy(dllPath, "C:\\Windows\\System32\\NETAPI32.DLL");
+ StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\NETAPI32.DLL");
hNetAPI32 = LoadLibrary (dllPath);
if (hNetAPI32 != NULL)
@@ -630,7 +631,7 @@ BOOL SlowPoll (void)
char szDevice[24];
/* Check whether we can access this device */
- sprintf (szDevice, "\\\\.\\PhysicalDrive%d", nDrive);
+ StringCbPrintfA (szDevice, sizeof(szDevice), "\\\\.\\PhysicalDrive%d", nDrive);
hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, OPEN_EXISTING, 0, NULL);
if (hDevice == INVALID_HANDLE_VALUE)
diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h
index 0bf41d7..423eed2 100644
--- a/src/Common/Tcdefs.h
+++ b/src/Common/Tcdefs.h
@@ -197,7 +197,7 @@ typedef int BOOL;
# ifdef DEVICE_DRIVER
# define trace_msg Dump
# elif defined (_WIN32)
-# define trace_msg(...) do { char msg[2048]; _snprintf (msg, sizeof (msg), __VA_ARGS__); OutputDebugString (msg); } while (0)
+# define trace_msg(...) do { char msg[2048]; StringCbPrintfA (msg, sizeof (msg), __VA_ARGS__); OutputDebugString (msg); } while (0)
# endif
# define trace_point trace_msg (__FUNCTION__ ":" TC_TO_STRING(__LINE__) "\n")
# else
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 506a4d0..15ee8fe 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -33,6 +33,9 @@
#include "Volumes.h"
#include "Pkcs5.h"
+#ifdef _WIN32
+#include <Strsafe.h>
+#endif
/* Volume header v5 structure (used since TrueCrypt 7.0): */
//
@@ -187,6 +190,9 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
}
else
{
+ if (!retInfo)
+ return ERR_PARAMETER_INCORRECT;
+
cryptoInfo = *retInfo = crypto_open ();
if (cryptoInfo == NULL)
return ERR_OUTOFMEMORY;
@@ -934,16 +940,16 @@ int CreateVolumeHeaderInMemory (BOOL bBoot, char *header, int ea, int mode, Pass
for (i = 0; i < j; i++)
{
char tmp2[8] = {0};
- sprintf (tmp2, "%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]);
- strcat (MasterKeyGUIView, tmp2);
+ StringCbPrintfA (tmp2, sizeof(tmp2), "%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]);
+ StringCbCatA (MasterKeyGUIView, sizeof(MasterKeyGUIView), tmp2);
}
HeaderKeyGUIView[0] = 0;
for (i = 0; i < NBR_KEY_BYTES_TO_DISPLAY; i++)
{
char tmp2[8];
- sprintf (tmp2, "%02X", (int) (unsigned char) dk[primaryKeyOffset + i]);
- strcat (HeaderKeyGUIView, tmp2);
+ StringCbPrintfA (tmp2, sizeof(tmp2), "%02X", (int) (unsigned char) dk[primaryKeyOffset + i]);
+ StringCbCatA (HeaderKeyGUIView, sizeof(HeaderKeyGUIView), tmp2);
}
if (dots3)