From d5f34ad49d345803767d4a1166d764f9f8485541 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 8 Feb 2015 23:46:04 +0100
Subject: Static Code Analysis: Avoid over-flaw in arithmetic operations by
 adding more checks. Add extra checks. Solve various issues.

---
 src/Setup/Dir.c   | 21 +++++++++++----------
 src/Setup/Setup.c | 31 ++++++++++++++++---------------
 2 files changed, 27 insertions(+), 25 deletions(-)

(limited to 'src/Setup')

diff --git a/src/Setup/Dir.c b/src/Setup/Dir.c
index a0380ef2..ec530df4 100644
--- a/src/Setup/Dir.c
+++ b/src/Setup/Dir.c
@@ -17,6 +17,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <errno.h>
+#include <Strsafe.h>
 
 #include "Dir.h"
 
@@ -28,7 +29,7 @@ mkfulldir (char *oriPath, BOOL bCheckonly)
 	char *uniq_file;
 	char path [TC_MAX_PATH];
 
-	strcpy (path, oriPath);
+	StringCbCopyA (path, TC_MAX_PATH, oriPath);
 
 	if (strlen (path) == 3 && path[1] == ':')
 		goto is_root;	/* keep final slash in root if present */
@@ -63,7 +64,7 @@ mkfulldir_internal (char *path)
 	static char tokpath[_MAX_PATH];
 	static char trail[_MAX_PATH];
 
-	strcpy (tokpath, path);
+	StringCbCopyA (tokpath, _MAX_PATH, path);
 	trail[0] = '\0';
 
 	token = strtok (tokpath, "\\/");
@@ -75,13 +76,13 @@ mkfulldir_internal (char *path)
 		trail[2] = '\0';
 		if (token)
 		{
-			strcat (trail, token);
-			strcat (trail, "\\");
+			StringCbCatA (trail, _MAX_PATH, token);
+			StringCbCatA (trail, _MAX_PATH, "\\");
 			token = strtok (NULL, "\\/");
 			if (token)
 			{		/* get share name */
-				strcat (trail, token);
-				strcat (trail, "\\");
+				StringCbCatA (trail, _MAX_PATH, token);
+				StringCbCatA (trail, _MAX_PATH, "\\");
 			}
 			token = strtok (NULL, "\\/");
 		}
@@ -89,17 +90,17 @@ mkfulldir_internal (char *path)
 
 	if (tokpath[1] == ':')
 	{			/* drive letter */
-		strcat (trail, tokpath);
-		strcat (trail, "\\");
+		StringCbCatA (trail, _MAX_PATH, tokpath);
+		StringCbCatA (trail, _MAX_PATH, "\\");
 		token = strtok (NULL, "\\/");
 	}
 
 	while (token != NULL)
 	{
 		int x;
-		strcat (trail, token);
+		StringCbCatA (trail, _MAX_PATH, token);
 		x = _mkdir (trail);
-		strcat (trail, "\\");
+		StringCbCatA (trail, _MAX_PATH, "\\");
 		token = strtok (NULL, "\\/");
 	}
 
diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index 9f5fbfdd..dc8123c6 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -251,11 +251,12 @@ void IconMessage (HWND hwndDlg, char *txt)
 void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersionPtr)
 {
 	LONG driverVersion = VERSION_NUM;
+	int status = 0;
 
 	if (hDriver == INVALID_HANDLE_VALUE)
-		DriverAttach();
+		status = DriverAttach();
 
-	if (hDriver != INVALID_HANDLE_VALUE)
+	if ((status == 0) && (hDriver != INVALID_HANDLE_VALUE))
 	{
 		DWORD dwResult;
 		BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL);
@@ -745,7 +746,6 @@ BOOL DoApplicationDataUninstall (HWND hwndDlg)
 
 BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated)
 {
-	BOOL bOK = FALSE;
 	char regk [64];
 
 	// Unregister COM servers
@@ -775,17 +775,7 @@ BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated)
 		SHChangeNotify (SHCNE_ASSOCCHANGED, SHCNF_IDLIST, NULL, NULL);
 	}
 
-	bOK = TRUE;
-
-	if (bOK == FALSE && GetLastError ()!= ERROR_NO_TOKEN && GetLastError ()!= ERROR_FILE_NOT_FOUND
-	    && GetLastError ()!= ERROR_PATH_NOT_FOUND)
-	{
-		handleWin32Error (hwndDlg);
-	}
-	else
-		bOK = TRUE;
-
-	return bOK;
+	return TRUE;
 }
 
 
@@ -876,10 +866,16 @@ try_delete:
 		StatusMessageParam (hwndDlg, "REMOVING", lpszService);
 
 	if (hService != NULL)
+	{
 		CloseServiceHandle (hService);
+		hService = NULL;
+	}
 
 	if (hManager != NULL)
+	{
 		CloseServiceHandle (hManager);
+		hManager = NULL;
+	}
 
 	hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS);
 	if (hManager == NULL)
@@ -897,6 +893,8 @@ try_delete:
 			// Second try for an eventual no-install driver instance
 			CloseServiceHandle (hService);
 			CloseServiceHandle (hManager);
+			hService = NULL;
+			hManager = NULL;
 
 			Sleep(1000);
 			firstTry = FALSE;
@@ -1944,6 +1942,7 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
 	if (IsAdmin () != TRUE)
 		if (MessageBoxW (NULL, GetString ("SETUP_ADMIN"), lpszTitle, MB_YESNO | MB_ICONQUESTION) != IDYES)
 		{
+			FinalizeApp ();
 			exit (1);
 		}
 
@@ -2009,6 +2008,7 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
 			else if (!bDevm)
 			{
 				MessageBox (NULL, "Error: This installer file does not contain any compressed files.\n\nTo create a self-extracting installation package (with embedded compressed files), run:\n\"VeraCrypt Setup.exe\" /p", "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST);
+				FinalizeApp ();
 				exit (1);
 			}
 
@@ -2028,6 +2028,7 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
 					bUninstall = TRUE;
 					break;
 				default:
+					FinalizeApp ();
 					exit (1);
 				}
 			}
@@ -2076,6 +2077,6 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
 			}
 		}
 	}
-
+	FinalizeApp ();
 	return 0;
 }
-- 
cgit v1.2.3