From c3747824367dbcbe74777c166b6d5d41d6de5dce Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Tue, 13 Jul 2021 21:59:48 +0200
Subject: Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with
 secure equivalents

This fixed failure to build driver for ARM64 with latest VS 2019
---
 src/Common/Crypto.c | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

(limited to 'src/Common/Crypto.c')

diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c
index 4745f981..f4f6202b 100644
--- a/src/Common/Crypto.c
+++ b/src/Common/Crypto.c
@@ -18,6 +18,7 @@
 #include "Common/Endian.h"
 #if !defined(_UEFI)
 #include <string.h>
+#include <strsafe.h>
 #ifndef TC_WINDOWS_BOOT
 #include "EncryptionThreadPool.h"
 #endif
@@ -555,33 +556,35 @@ BOOL EAInitMode (PCRYPTO_INFO ci, unsigned char* key2)
 	return TRUE;
 }
 
-static void EAGetDisplayName(wchar_t *buf, int ea, int i)
+static void EAGetDisplayName(wchar_t *buf, size_t bufLen, int ea, int i)
 {
-	wcscpy (buf, CipherGetName (i));
+	StringCchCopyW (buf, bufLen, CipherGetName (i));
 	if (i = EAGetPreviousCipher(ea, i))
 	{
-		wcscat (buf, L"(");
-		EAGetDisplayName (&buf[wcslen(buf)], ea, i);
-		wcscat (buf, L")");
+		size_t curLen;
+		StringCchCatW (buf, bufLen, L"(");
+		curLen = wcslen(buf);
+		EAGetDisplayName (&buf[curLen], bufLen - curLen, ea, i);
+		StringCchCatW (buf, bufLen, L")");
 	}
 }
 
 // Returns name of EA, cascaded cipher names are separated by hyphens
-wchar_t *EAGetName (wchar_t *buf, int ea, int guiDisplay)
+wchar_t *EAGetName (wchar_t *buf, size_t bufLen, int ea, int guiDisplay)
 {
 	if (guiDisplay)
 	{
-		EAGetDisplayName (buf, ea, EAGetLastCipher(ea));
+		EAGetDisplayName (buf, bufLen, ea, EAGetLastCipher(ea));
 	}
 	else
 	{
 		int i = EAGetLastCipher(ea);
-		wcscpy (buf, (i != 0) ? CipherGetName (i) : L"?");
+		StringCchCopyW (buf, bufLen, (i != 0) ? CipherGetName (i) : L"?");
 
 		while (i = EAGetPreviousCipher(ea, i))
 		{
-			wcscat (buf, L"-");
-			wcscat (buf, CipherGetName (i));
+			StringCchCatW (buf, bufLen, L"-");
+			StringCchCatW (buf, bufLen, CipherGetName (i));
 		}
 	}
 	return buf;
@@ -595,7 +598,7 @@ int EAGetByName (wchar_t *name)
 
 	do
 	{
-		EAGetName(n, ea, 1);
+		EAGetName(n, 128, ea, 1);
 #if defined(_UEFI)
 		if (wcscmp(n, name) == 0)
 #else
@@ -785,11 +788,11 @@ const wchar_t *HashGetName (int hashId)
    return pHash? pHash -> Name : L"";
 }
 
-void HashGetName2 (wchar_t *buf, int hashId)
+void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId)
 {
    Hash* pHash = HashGet(hashId);
    if (pHash)
-		wcscpy(buf, pHash -> Name);
+		StringCchCopyW (buf, bufLen, pHash -> Name);
 	else
 		buf[0] = L'\0';
 }
-- 
cgit v1.2.3