Static Code Analysis : Use Safe String functions in Setup code to avoid potential security issues.

This commit is contained in:
Mounir IDRASSI 2014-07-14 17:18:01 +02:00
parent 5c1db9d0e1
commit 016edc150b
3 changed files with 108 additions and 105 deletions

View File

@ -18,6 +18,7 @@
#include "Dir.h"
#include "Language.h"
#include "Resource.h"
#include <Strsafe.h>
#define OutputPackageFile "VeraCrypt Setup " VERSION_STRING ".exe"
@ -240,12 +241,12 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
goto err;
if (szDestDir[x - 1] != '\\')
strcat (szDestDir, "\\");
StringCbCatA (szDestDir, MAX_PATH, "\\");
GetModuleFileName (NULL, inputFile, sizeof (inputFile));
strcpy (outputFile, szDestDir);
strncat (outputFile, OutputPackageFile, sizeof (outputFile) - strlen (outputFile) - 1);
StringCbCopyA (outputFile, sizeof(outputFile), szDestDir);
StringCbCatA (outputFile, sizeof(outputFile), OutputPackageFile);
// Clone 'VeraCrypt Setup.exe' to create the base of the new self-extracting archive
@ -262,13 +263,13 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++)
{
_snprintf (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
StringCbPrintfA (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
if (!FileExists (szTmpFilePath))
{
char tmpstr [1000];
_snprintf (tmpstr, sizeof(tmpstr), "File not found:\n\n'%s'", szTmpFilePath);
StringCbPrintfA (tmpstr, sizeof(tmpstr), "File not found:\n\n'%s'", szTmpFilePath);
remove (outputFile);
PkgError (tmpstr);
goto err;
@ -308,7 +309,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
DWORD tmpFileSize;
unsigned char *tmpBuffer;
_snprintf (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
StringCbPrintfA (szTmpFilePath, sizeof(szTmpFilePath), "%s%s", szDestDir, szCompressedFiles[i]);
tmpBuffer = LoadFile (szTmpFilePath, &tmpFileSize);
@ -317,7 +318,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
char tmpstr [1000];
free (tmpBuffer);
_snprintf (tmpstr, sizeof(tmpstr), "Cannot load file \n'%s'", szTmpFilePath);
StringCbPrintfA (tmpstr, sizeof(tmpstr), "Cannot load file \n'%s'", szTmpFilePath);
remove (outputFile);
PkgError (tmpstr);
goto err;
@ -436,7 +437,7 @@ BOOL MakeSelfExtractingPackage (HWND hwndDlg, char *szDestDir)
}
}
sprintf (tmpStr, "Self-extracting package successfully created (%s)", outputFile);
StringCbPrintfA (tmpStr, sizeof(tmpStr), "Self-extracting package successfully created (%s)", outputFile);
PkgInfo (tmpStr);
return TRUE;
@ -697,7 +698,7 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
wchar_t szTmp[TC_MAX_PATH];
handleWin32Error (hwndDlg);
wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), DestExtractPath);
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), DestExtractPath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
bSuccess = FALSE;
goto eaf_end;
@ -710,10 +711,9 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
char filePath [TC_MAX_PATH] = {0};
// Filename
strncpy (fileName, Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength);
fileName [Decompressed_Files[fileNo].fileNameLength] = 0;
strcpy (filePath, DestExtractPath);
strcat (filePath, fileName);
StringCbCopyNA (fileName, sizeof(fileName), Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength);
StringCbCopyA (filePath, sizeof(filePath), DestExtractPath);
StringCbCatA (filePath, sizeof(filePath), fileName);
StatusMessageParam (hwndDlg, "EXTRACTING_VERB", filePath);
@ -726,7 +726,7 @@ void __cdecl ExtractAllFilesThread (void *hwndDlg)
{
wchar_t szTmp[512];
_snwprintf (szTmp, sizeof (szTmp) / 2, GetString ("CANNOT_WRITE_FILE_X"), filePath);
StringCbPrintfW (szTmp, sizeof (szTmp), GetString ("CANNOT_WRITE_FILE_X"), filePath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST);
bSuccess = FALSE;
goto eaf_end;

View File

@ -44,6 +44,8 @@ using namespace VeraCrypt;
#pragma warning( default : 4201 )
#pragma warning( default : 4115 )
#include <Strsafe.h>
char InstallationPath[TC_MAX_PATH];
char SetupFilesDir[TC_MAX_PATH];
char UninstallBatch[MAX_PATH];
@ -194,7 +196,7 @@ void StatusMessageParam (HWND hwndDlg, char *stringId, char *param)
if (Rollback)
return;
wsprintfW (szTmp, L"%s %hs", GetString (stringId), param);
StringCbPrintfW (szTmp, sizeof(szTmp), L"%s %hs", GetString (stringId), param);
SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) szTmp);
SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX,
@ -296,7 +298,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
return FALSE;
if (szDestDir[x - 1] != '\\')
strcat (szDestDir, "\\");
StringCbCatA (szDestDir, MAX_PATH, "\\");
for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++)
{
@ -313,16 +315,16 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
}
if (*szFiles[i] == 'A')
strcpy (szDir, szDestDir);
StringCbCopyA (szDir, sizeof(szDir), szDestDir);
else if (*szFiles[i] == 'D')
{
GetSystemDirectory (szDir, sizeof (szDir));
x = strlen (szDir);
if (szDir[x - 1] != '\\')
strcat (szDir, "\\");
StringCbCatA (szDir, sizeof(szDir), "\\");
strcat (szDir, "Drivers\\");
StringCbCatA (szDir, sizeof(szDir), "Drivers\\");
}
else if (*szFiles[i] == 'W')
GetWindowsDirectory (szDir, sizeof (szDir));
@ -330,7 +332,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
if (*szFiles[i] == 'I')
continue;
sprintf (szTmp, "%s%s", szDir, szFiles[i] + 1);
StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, szFiles[i] + 1);
if (bUninstall == FALSE)
CopyMessage (hwndDlg, szTmp);
@ -354,14 +356,14 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
{
BOOL driver64 = FALSE;
strncpy (curFileName, szFiles[i] + 1, strlen (szFiles[i]) - 1);
StringCbCopyNA (curFileName, sizeof(curFileName), szFiles[i] + 1, strlen (szFiles[i]) - 1);
curFileName [strlen (szFiles[i]) - 1] = 0;
if (Is64BitOs ()
&& strcmp (szFiles[i], "Dveracrypt.sys") == 0)
{
driver64 = TRUE;
strncpy (curFileName, FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER));
StringCbCopyNA (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER));
}
if (!bDevm)
@ -456,9 +458,9 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
if (bUninstall == FALSE)
wsprintfW (szTmp2, GetString ("INSTALL_OF_FAILED"), szTmp, lpMsgBuf);
StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("INSTALL_OF_FAILED"), szTmp, lpMsgBuf);
else
wsprintfW (szTmp2, GetString ("UNINSTALL_OF_FAILED"), szTmp, lpMsgBuf);
StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("UNINSTALL_OF_FAILED"), szTmp, lpMsgBuf);
LocalFree (lpMsgBuf);
@ -479,7 +481,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
if (h != INVALID_HANDLE_VALUE)
{
char d[MAX_PATH*2];
sprintf (d, "%s%s", szDestDir, f.cFileName);
StringCbPrintfA (d, sizeof(d), "%s%s", szDestDir, f.cFileName);
CopyMessage (hwndDlg, d);
TCCopyFile (f.cFileName, d);
FindClose (h);
@ -491,7 +493,7 @@ BOOL DoFilesInstall (HWND hwndDlg, char *szDestDir)
if (h != INVALID_HANDLE_VALUE)
{
char d[MAX_PATH*2];
sprintf (d, "%s%s", szDestDir, f.cFileName);
StringCbPrintfA (d, sizeof(d), "%s%s", szDestDir, f.cFileName);
CopyMessage (hwndDlg, d);
TCCopyFile (f.cFileName, d);
FindClose (h);
@ -516,10 +518,10 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt",
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) == ERROR_SUCCESS)
{
strcpy (szTmp, VERSION_STRING);
StringCbCopyA (szTmp, sizeof(szTmp), VERSION_STRING);
RegSetValueEx (hkey, "DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1);
strcpy (szTmp, TC_HOMEPAGE);
StringCbCopyA (szTmp, sizeof(szTmp), TC_HOMEPAGE);
RegSetValueEx (hkey, "URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1);
RegCloseKey (hkey);
@ -528,7 +530,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
return TRUE;
}
strcpy (szDir, szDestDir);
StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@ -536,7 +538,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
bSlash = FALSE;
if (bSlash == FALSE)
strcat (szDir, "\\");
StringCbCatA (szDir, sizeof(szDir), "\\");
if (bInstallType)
{
@ -548,11 +550,11 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, "VeraCrypt Volume");
StringCbCopyA (szTmp, sizeof(szTmp), "VeraCrypt Volume");
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
sprintf (szTmp, "%ws", TC_APPLICATION_ID);
StringCbPrintfA (szTmp, sizeof(szTmp), "%ws", TC_APPLICATION_ID);
if (RegSetValueEx (hkey, "AppUserModelID", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@ -566,7 +568,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
sprintf (szTmp, "%sVeraCrypt.exe,1", szDir);
StringCbPrintfA (szTmp, sizeof(szTmp), "%sVeraCrypt.exe,1", szDir);
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@ -580,7 +582,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
sprintf (szTmp, "\"%sVeraCrypt.exe\" /v \"%%1\"", szDir );
StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt.exe\" /v \"%%1\"", szDir );
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@ -601,7 +603,7 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, "VeraCryptVolume");
StringCbCopyA (szTmp, sizeof(szTmp), "VeraCryptVolume");
if (RegSetValueEx (hkey, "", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@ -620,31 +622,31 @@ BOOL DoRegInstall (HWND hwndDlg, char *szDestDir, BOOL bInstallType)
goto error;
/* IMPORTANT: IF YOU CHANGE THIS IN ANY WAY, REVISE AND UPDATE SetInstallationPath() ACCORDINGLY! */
sprintf (szTmp, "\"%sVeraCrypt Setup.exe\" /u", szDir);
StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\" /u", szDir);
if (RegSetValueEx (hkey, "UninstallString", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
sprintf (szTmp, "\"%sVeraCrypt Setup.exe\" /c", szDir);
StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\" /c", szDir);
if (RegSetValueEx (hkey, "ModifyPath", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
sprintf (szTmp, "\"%sVeraCrypt Setup.exe\"", szDir);
StringCbPrintfA (szTmp, sizeof(szTmp), "\"%sVeraCrypt Setup.exe\"", szDir);
if (RegSetValueEx (hkey, "DisplayIcon", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, VERSION_STRING);
StringCbCopyA (szTmp, sizeof(szTmp), VERSION_STRING);
if (RegSetValueEx (hkey, "DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, "VeraCrypt");
StringCbCopyA (szTmp, sizeof(szTmp), "VeraCrypt");
if (RegSetValueEx (hkey, "DisplayName", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, "IDRIX");
StringCbCopyA (szTmp, sizeof(szTmp), "IDRIX");
if (RegSetValueEx (hkey, "Publisher", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
strcpy (szTmp, TC_HOMEPAGE);
StringCbCopyA (szTmp, sizeof(szTmp), TC_HOMEPAGE);
if (RegSetValueEx (hkey, "URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, strlen (szTmp) + 1) != ERROR_SUCCESS)
goto error;
@ -682,35 +684,35 @@ BOOL DoApplicationDataUninstall (HWND hwndDlg)
StatusMessage (hwndDlg, "REMOVING_APPDATA");
SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path);
strcat (path, "\\VeraCrypt\\");
StringCbCatA (path, sizeof(path), "\\VeraCrypt\\");
// Delete favorite volumes file
sprintf (path2, "%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES);
StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete keyfile defaults
sprintf (path2, "%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES);
StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete history file
sprintf (path2, "%s%s", path, TC_APPD_FILENAME_HISTORY);
StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_HISTORY);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete configuration file
sprintf (path2, "%s%s", path, TC_APPD_FILENAME_CONFIGURATION);
StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_CONFIGURATION);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
// Delete system encryption configuration file
sprintf (path2, "%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION);
StringCbPrintfA (path2, sizeof(path2), "%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION);
RemoveMessage (hwndDlg, path2);
StatDeleteFile (path2);
SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path);
strcat (path, "\\VeraCrypt");
StringCbCatA (path, sizeof(path), "\\VeraCrypt");
RemoveMessage (hwndDlg, path);
if (!StatRemoveDirectory (path))
{
@ -746,7 +748,7 @@ BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated)
if (!bRemoveDeprecated)
{
GetStartupRegKeyName (regk);
GetStartupRegKeyName (regk, sizeof(regk));
DeleteRegistryValue (regk, "VeraCrypt");
RegDeleteKey (HKEY_LOCAL_MACHINE, "Software\\Classes\\.hc");
@ -1113,9 +1115,9 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
bSlash = FALSE;
if (bSlash == FALSE)
strcat (szLinkDir, "\\");
StringCbCatA (szLinkDir, sizeof(szLinkDir), "\\");
strcat (szLinkDir, "VeraCrypt");
StringCbCatA (szLinkDir, sizeof(szLinkDir), "VeraCrypt");
// Global start menu
{
@ -1123,32 +1125,32 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
char path[TC_MAX_PATH];
SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0);
strcat (path, "\\VeraCrypt");
StringCbCatA (path, sizeof(path), "\\VeraCrypt");
if (_stat (path, &st) == 0)
{
strcpy (szLinkDir, path);
StringCbCopyA (szLinkDir, sizeof(szLinkDir), path);
allUsers = TRUE;
}
}
// Start menu entries
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt Website.url");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt Website.url");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
sprintf (szTmp2, "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
goto error;
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
DeleteFile (szTmp2);
// Start menu group
@ -1163,7 +1165,7 @@ BOOL DoShortcutsUninstall (HWND hwndDlg, char *szDestDir)
else
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0);
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
RemoveMessage (hwndDlg, szTmp2);
if (StatDeleteFile (szTmp2) == FALSE)
@ -1199,11 +1201,11 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
strcat (szLinkDir, "\\");
StringCbCatA (szLinkDir, sizeof(szLinkDir), "\\");
strcat (szLinkDir, "VeraCrypt");
StringCbCatA (szLinkDir, sizeof(szLinkDir), "VeraCrypt");
strcpy (szDir, szDestDir);
StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@ -1211,7 +1213,7 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
strcat (szDir, "\\");
StringCbCatA (szDir, sizeof(szDir), "\\");
if (bProgGroup)
{
@ -1221,23 +1223,23 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
{
if (mkfulldir (szLinkDir, FALSE) != 0)
{
wchar_t szTmp[TC_MAX_PATH];
wchar_t szTmpW[TC_MAX_PATH];
handleWin32Error (hwndDlg);
wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), szLinkDir);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
StringCbPrintfW (szTmpW, sizeof(szTmpW), GetString ("CANT_CREATE_FOLDER"), szLinkDir);
MessageBoxW (hwndDlg, szTmpW, lpszTitle, MB_ICONHAND);
goto error;
}
}
sprintf (szTmp, "%s%s", szDir, "VeraCrypt.exe");
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt.exe");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
IconMessage (hwndDlg, szTmp2);
if (CreateLink (szTmp, "", szTmp2) != S_OK)
goto error;
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt Website.url");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt Website.url");
IconMessage (hwndDlg, szTmp2);
f = fopen (szTmp2, "w");
if (f)
@ -1250,21 +1252,21 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
else
goto error;
sprintf (szTmp, "%s%s", szDir, "VeraCrypt Setup.exe");
sprintf (szTmp2, "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
strcpy (szTmp3, "/u");
StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt Setup.exe");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\Uninstall VeraCrypt.lnk");
StringCbCopyA (szTmp3, sizeof(szTmp3), "/u");
IconMessage (hwndDlg, szTmp2);
if (CreateLink (szTmp, szTmp3, szTmp2) != S_OK)
goto error;
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt User's Guide.lnk");
DeleteFile (szTmp2);
}
if (bDesktopIcon)
{
strcpy (szDir, szDestDir);
StringCbCopyA (szDir, sizeof(szDir), szDestDir);
x = strlen (szDestDir);
if (szDestDir[x - 1] == '\\')
bSlash = TRUE;
@ -1272,15 +1274,15 @@ BOOL DoShortcutsInstall (HWND hwndDlg, char *szDestDir, BOOL bProgGroup, BOOL bD
bSlash = FALSE;
if (bSlash == FALSE)
strcat (szDir, "\\");
StringCbCatA (szDir, sizeof(szDir), "\\");
if (bForAllUsers)
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0);
else
SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0);
sprintf (szTmp, "%s%s", szDir, "VeraCrypt.exe");
sprintf (szTmp2, "%s%s", szLinkDir, "\\VeraCrypt.lnk");
StringCbPrintfA (szTmp, sizeof(szTmp), "%s%s", szDir, "VeraCrypt.exe");
StringCbPrintfA (szTmp2, sizeof(szTmp2), "%s%s", szLinkDir, "\\VeraCrypt.lnk");
IconMessage (hwndDlg, szTmp2);
@ -1318,7 +1320,7 @@ void OutcomePrompt (HWND hwndDlg, BOOL bOK)
{
wchar_t str[4096];
swprintf (str, GetString ("UNINSTALL_OK"), InstallationPath);
StringCbPrintfW (str, sizeof(str), GetString ("UNINSTALL_OK"), InstallationPath);
MessageBoxW (hwndDlg, str, lpszTitle, MB_ICONASTERISK);
}
}
@ -1355,7 +1357,7 @@ static void SetSystemRestorePoint (HWND hwndDlg, BOOL finalize)
RestPtInfo.dwEventType = BEGIN_SYSTEM_CHANGE;
RestPtInfo.dwRestorePtType = bUninstall ? APPLICATION_UNINSTALL : APPLICATION_INSTALL | DEVICE_DRIVER_INSTALL;
RestPtInfo.llSequenceNumber = 0;
strcpy (RestPtInfo.szDescription, bUninstall ? "VeraCrypt uninstallation" : "VeraCrypt installation");
StringCbCopyA (RestPtInfo.szDescription, sizeof(RestPtInfo.szDescription), bUninstall ? "VeraCrypt uninstallation" : "VeraCrypt installation");
if(!_SRSetRestorePoint (&RestPtInfo, &SMgrStatus))
{
@ -1430,7 +1432,7 @@ void DoUninstall (void *arg)
DoServiceUninstall (hwndDlg, "VeraCryptService");
GetTempPath (sizeof (temp), temp);
_snprintf (UninstallBatch, sizeof (UninstallBatch), "%s\\VeraCrypt-Uninstall.bat", temp);
StringCbPrintfA (UninstallBatch, sizeof (UninstallBatch), "%s\\VeraCrypt-Uninstall.bat", temp);
UninstallBatch [sizeof(UninstallBatch)-1] = 0;
@ -1494,7 +1496,7 @@ void DoInstall (void *arg)
wchar_t szTmp[TC_MAX_PATH];
handleWin32Error (hwndDlg);
wsprintfW (szTmp, GetString ("CANT_CREATE_FOLDER"), InstallationPath);
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), InstallationPath);
MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND);
Error ("INSTALL_FAILED");
PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0);
@ -1556,7 +1558,7 @@ void DoInstall (void *arg)
UpdateProgressBarProc(61);
GetWindowsDirectory (path, sizeof (path));
strcat_s (path, sizeof (path), "\\VeraCrypt Setup.exe");
StringCbCatA (path, sizeof (path), "\\VeraCrypt Setup.exe");
DeleteFile (path);
if (UpdateProgressBarProc(63) && UnloadDriver && DoServiceUninstall (hwndDlg, "veracrypt") == FALSE)
@ -1715,7 +1717,7 @@ void SetInstallationPath (HWND hwndDlg)
// 4.3 or later
len = strrchr (rv, '/') - rv - 2;
strncpy (InstallationPath, rv + 1, len);
StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv + 1, len);
InstallationPath [len] = 0;
bInstallPathDetermined = TRUE;
@ -1734,7 +1736,7 @@ void SetInstallationPath (HWND hwndDlg)
{
// 4.0-4.2a
strncpy (InstallationPath, rv + len + 3, strlen (rv) - len - 3);
StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv + len + 3, strlen (rv) - len - 3);
InstallationPath [strlen (rv) - len - 3] = 0;
bInstallPathDetermined = TRUE;
}
@ -1748,7 +1750,7 @@ void SetInstallationPath (HWND hwndDlg)
Error ("UNINSTALL_OLD_VERSION_FIRST");
len = strrchr (rv, '/') - rv - 1;
strncpy (InstallationPath, rv, len); // Path and filename of the uninstaller
StringCbCopyNA (InstallationPath, sizeof(InstallationPath), rv, len); // Path and filename of the uninstaller
InstallationPath [len] = 0;
bInstallPathDetermined = FALSE;
@ -1778,7 +1780,7 @@ void SetInstallationPath (HWND hwndDlg)
}
else
{
/* TrueCypt is not installed or it wasn't possible to determine where it is installed. */
/* VeraCrypt is not installed or it wasn't possible to determine where it is installed. */
// Default "Program Files" path.
SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList);
@ -1793,18 +1795,18 @@ void SetInstallationPath (HWND hwndDlg)
{
s = s.substr (0, p);
if (_access (s.c_str(), 0) != -1)
strcpy_s (path, sizeof (path), s.c_str());
StringCbCopyA (path, sizeof (path), s.c_str());
}
}
strncat (path, "\\VeraCrypt\\", min (strlen("\\VeraCrypt\\"), sizeof(path)-strlen(path)-1));
strncpy (InstallationPath, path, sizeof(InstallationPath)-1);
StringCbCatA (path, sizeof(path), "\\VeraCrypt\\");
StringCbCopyA (InstallationPath, sizeof(InstallationPath), path);
}
// Make sure the path ends with a backslash
if (InstallationPath [strlen (InstallationPath) - 1] != '\\')
{
strcat (InstallationPath, "\\");
StringCbCatA (InstallationPath, sizeof(InstallationPath), "\\");
}
}
@ -2014,10 +2016,10 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
char dllPath[MAX_PATH];
if (GetSystemDirectory (dllPath, MAX_PATH))
{
strcat(dllPath, "\\srclient.dll");
StringCbCatA(dllPath, sizeof(dllPath), "\\srclient.dll");
}
else
strcpy(dllPath, "C:\\Windows\\System32\\srclient.dll");
StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\srclient.dll");
SystemRestoreDll = LoadLibrary (dllPath);
if (!bUninstall)

View File

@ -21,6 +21,7 @@
#include "Common/Resource.h"
#include "Resource.h"
#include "Setup.h"
#include <Strsafe.h>
using namespace std;
@ -91,10 +92,10 @@ static void InitWizardDestInstallPath (void)
{
if (strlen (WizardDestInstallPath) < 2)
{
strcpy (WizardDestInstallPath, InstallationPath);
StringCbCopyA (WizardDestInstallPath, sizeof(WizardDestInstallPath), InstallationPath);
if (WizardDestInstallPath [strlen (WizardDestInstallPath) - 1] != '\\')
{
strcat (WizardDestInstallPath, "\\");
StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
}
}
@ -213,7 +214,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case WM_INITDIALOG:
LocalizeDialog (hwndDlg, "IDD_INSTL_DLG");
sprintf (PageDebugId, "SETUP_WIZARD_PAGE_%d", nCurPageNo);
StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "SETUP_WIZARD_PAGE_%d", nCurPageNo);
LastDialogId = PageDebugId;
switch (nCurPageNo)
@ -307,8 +308,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (strlen(WizardDestExtractPath) < 2)
{
strcpy (WizardDestExtractPath, SetupFilesDir);
strncat (WizardDestExtractPath, "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
StringCbCopyA (WizardDestExtractPath, sizeof(WizardDestExtractPath), SetupFilesDir);
StringCbCatNA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "VeraCrypt\\", sizeof (WizardDestExtractPath) - strlen (WizardDestExtractPath) - 1);
}
SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0);
@ -351,9 +352,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE);
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
strcat (WizardDestExtractPath, "\\");
StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
strcpy (DestExtractPath, WizardDestExtractPath);
StringCbCopyA (DestExtractPath, sizeof(DestExtractPath), WizardDestExtractPath);
InitProgressBar ();
@ -454,9 +455,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
InitProgressBar ();
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
strcat (WizardDestInstallPath, "\\");
StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
strcpy (InstallationPath, WizardDestInstallPath);
StringCbCopyA (InstallationPath, sizeof(InstallationPath), WizardDestInstallPath);
WaitCursor ();
@ -544,7 +545,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
memset (&lf, 0, sizeof(lf));
// Main font
wcsncpy (lf.lfFaceName, L"Times New Roman", sizeof (lf.lfFaceName)/2);
StringCbCopyW (lf.lfFaceName, sizeof (lf.lfFaceName),L"Times New Roman");
lf.lfHeight = CompensateDPIFont (-21);
lf.lfWeight = FW_NORMAL;
lf.lfWidth = 0;
@ -626,7 +627,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestExtractPath [strlen(WizardDestExtractPath)-1] != '\\')
{
strcat (WizardDestExtractPath, "\\");
StringCbCatA (WizardDestExtractPath, sizeof(WizardDestExtractPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath);
}
@ -647,7 +648,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (WizardDestInstallPath [strlen(WizardDestInstallPath)-1] != '\\')
{
strcat (WizardDestInstallPath, "\\");
StringCbCatA (WizardDestInstallPath, sizeof(WizardDestInstallPath), "\\");
}
SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath);
}
@ -684,7 +685,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
char tmpstr [200];
sprintf (tmpstr, "&ref=%d", DonColorSchemeId);
StringCbPrintfA (tmpstr, sizeof(tmpstr), "&ref=%d", DonColorSchemeId);
Applink ("donate", FALSE, tmpstr);
}