From 3137d36d9a29ed55be5837abf1be3f959f831abc Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 14 Jul 2014 16:59:14 +0200 Subject: Static Code Analysis : Use Safe string functions inside VeraCrypt Device Driver to avoid potential security issues. Add many checks for NULL pointers to handle low memory use cases. --- src/Driver/Ntvol.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'src/Driver/Ntvol.c') diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index caaf9428..29ccd543 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -30,6 +30,8 @@ #pragma warning( disable : 4127 ) +#include + volatile BOOL ProbingHostDeviceForWrite = FALSE; @@ -380,8 +382,8 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, OBJECT_ATTRIBUTES oaParentFileAttributes; LARGE_INTEGER parentKeyDataOffset; - _snwprintf (parentDrivePath, - sizeof (parentDrivePath) / sizeof (WCHAR) - 1, + RtlStringCbPrintfW (parentDrivePath, + sizeof (parentDrivePath), WIDE ("\\Device\\Harddisk%d\\Partition0"), mount->nPartitionInInactiveSysEncScopeDriveNo); @@ -478,6 +480,14 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, { /* Volume header successfully decrypted */ + if (!Extension->cryptoInfo) + { + /* should never happen */ + mount->nReturnCode = ERR_OUTOFMEMORY; + ntStatus = STATUS_SUCCESS; + goto error; + } + Dump ("Volume header decrypted\n"); Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume); 
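Review bot: The NTSTATUS returned by `RtlStringCbPrintfW` is discarded at the `parentDrivePath` call in the hunk at -380, and the same applies to the `RtlStringCbPrintfW` and `RtlStringCbCopyW` calls that fill `Extension->wszVolume` in the hunk at -645. These routines NUL-terminate the destination on truncation but signal it only through the return value (`STATUS_BUFFER_OVERFLOW`), so an over-long mount path would be stored shortened with no error, and the extension would then name a different object than the one requested. For the volume path I would capture the status, e.g. `ntStatus = RtlStringCbCopyW (Extension->wszVolume, sizeof (Extension->wszVolume), pwszMountVolume);` followed by `if (!NT_SUCCESS (ntStatus)) goto error;`, setting a suitable `mount->nReturnCode` first. Whether `goto error` is the right exit at that point needs checking against the cleanup code, since TCOpenVolume's body and its `error` label lie outside these hunks.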
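Review bot: The new guard on `Extension->cryptoInfo` in the hunk at -478 is documented only by `/* should never happen */`, which does not say which invariant is being defended or why the path reports `ERR_OUTOFMEMORY` while setting `ntStatus = STATUS_SUCCESS`. A comment along the lines of `/* header read reported success but produced no cryptoInfo: fail the mount through nReturnCode; the request itself still completes */` would make the intent reviewable, assuming that is in fact the convention this function follows. It is also worth confirming that the `error` label tolerates a NULL `cryptoInfo` during cleanup, because that label is not visible in the hunk.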
@@ -645,14 +655,14 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, if (wcsstr (pwszMountVolume, WIDE ("\\??\\UNC\\")) == pwszMountVolume) { /* UNC path */ - _snwprintf (Extension->wszVolume, - sizeof (Extension->wszVolume) / sizeof (WCHAR) - 1, + RtlStringCbPrintfW (Extension->wszVolume, + sizeof (Extension->wszVolume), WIDE ("\\??\\\\%s"), pwszMountVolume + 7); } else { - wcsncpy (Extension->wszVolume, pwszMountVolume, sizeof (Extension->wszVolume) / sizeof (WCHAR) - 1); + RtlStringCbCopyW (Extension->wszVolume, sizeof(Extension->wszVolume),pwszMountVolume); } } -- cgit v1.2.3