VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Setup/Wizard.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-14 17:18:01 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:21:13 +0100
commit016edc150b034d7401a1652bd3482d613ff4b9d4 (patch)
treecf79aeef0f7e593eb776ee6e9ca393e39a292a09 /src/Setup/Wizard.c
parent5c1db9d0e1287c873d180021cf82e89677fe4aa0 (diff)
downloadVeraCrypt-016edc150b034d7401a1652bd3482d613ff4b9d4.tar.gz
VeraCrypt-016edc150b034d7401a1652bd3482d613ff4b9d4.zip
Static Code Analysis : Use Safe String functions in Setup code to avoid potential security issues.
Diffstat (limited to 'src/Setup/Wizard.c')
-rw-r--r--src/Setup/Wizard.c27
1 files changed, 14 insertions, 13 deletions
diff --git a/src/Setup/Wizard.c b/src/Setup/Wizard.c
index abcbeb47..afb3be39 100644
--- a/src/Setup/Wizard.c
+++ b/src/Setup/Wizard.c
@@ -21,6 +21,7 @@
#include "Common/Resource.h"
#include "Resource.h"
#include "Setup.h"
+#include <Strsafe.h>
using namespace std;
@@ -91,10 +92,10 @@ static void InitWizardDestInstallPath (void)
{
if (strlen (WizardDestInstallPath) < 2)
{
- strcpy (WizardDestInstallPath, InstallationPath);
+ StringCbCopyA (WizardDestInstallPath, sizeof(WizardDestInstallPath), InstallationPath);
if (WizardDestInstallPath [strlen (WizardDestInstallPath) - 1] != '\\')
{
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
}
}
@@ -213,7 +214,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case WM_INITDIALOG:
LocalizeDialog (hwndDlg, "IDD_INSTL_DLG");
- sprintf (PageDebugId, "SETUP_WIZARD_PAGE_%d", nCurPageNo);
+ StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "SETUP_WIZARD_PAGE_%d", nCurPageNo);
LastDialogId = PageDebugId;
switch (nCurPageNo)
@@ -307,8 +308,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (strlen(WizardDestExtractPath) < 2)
{
- strcpy (WizardDestExtractPath, SetupFilesDir);
- strncat (WizardDestExtractPath, "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
+ StringCbCopyA (WizardDestExtractPath, sizeof(WizardDestExtractPath), SetupFilesDir);
+ StringCbCatNA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
}
SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0);
@@ -351,9 +352,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE);
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
- strcat (WizardDestExtractPath, "\\");
+ StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
- strcpy (DestExtractPath, WizardDestExtractPath);
+ StringCbCopyA (DestExtractPath, sizeof(DestExtractPath), WizardDestExtractPath);
InitProgressBar ();
@@ -454,9 +455,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
InitProgressBar ();
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
- strcpy (InstallationPath, WizardDestInstallPath);
+ StringCbCopyA (InstallationPath, sizeof(InstallationPath), WizardDestInstallPath);
WaitCursor ();
@@ -544,7 +545,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
memset (&lf, 0, sizeof(lf));
// Main font
- wcsncpy (lf.lfFaceName, L"Times New Roman", sizeof (lf.lfFaceName)/2);
+ StringCbCopyW (lf.lfFaceName, sizeof (lf.lfFaceName),L"Times New Roman");
lf.lfHeight = CompensateDPIFont (-21);
lf.lfWeight = FW_NORMAL;
lf.lfWidth = 0;
@@ -626,7 +627,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
{
- strcat (WizardDestExtractPath, "\\");
+ StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath);
}
@@ -647,7 +648,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
{
- strcat (WizardDestInstallPath, "\\");
+ StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath);
}
@@ -684,7 +685,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
char tmpstr [200];
- sprintf (tmpstr, "&ref=%d", DonColorSchemeId);
+ StringCbPrintfA (tmpstr, sizeof(tmpstr), "&ref=%d", DonColorSchemeId);
Applink ("donate", FALSE, tmpstr);
}