nihilist/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt synced 2024-11-24 03:53:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with secure equivalents

Browse Source 
This fixed failure to build driver for ARM64 with latest VS 2019
This commit is contained in:
Mounir IDRASSI 2021-07-13 21:59:48 +02:00
parent dce6d76b81
commit c374782436
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F
11 changed files with 58 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/Common/Crypto.c
View File

@ -18,6 +18,7 @@
#include "Common/Endian.h"
#if !defined(_UEFI)
#include <string.h>
#include <strsafe.h>
#ifndef TC_WINDOWS_BOOT
#include "EncryptionThreadPool.h"
#endif
@ -555,33 +556,35 @@ BOOL EAInitMode (PCRYPTO_INFO ci, unsigned char* key2)
return TRUE;
}
static void EAGetDisplayName(wchar_t *buf, int ea, int i)
static void EAGetDisplayName(wchar_t *buf, size_t bufLen, int ea, int i)
{
wcscpy (buf, CipherGetName (i));
StringCchCopyW (buf, bufLen, CipherGetName (i));
if (i = EAGetPreviousCipher(ea, i))
{
wcscat (buf, L"(");
EAGetDisplayName (&buf[wcslen(buf)], ea, i);
wcscat (buf, L")");
size_t curLen;
StringCchCatW (buf, bufLen, L"(");
curLen = wcslen(buf);
EAGetDisplayName (&buf[curLen], bufLen - curLen, ea, i);
StringCchCatW (buf, bufLen, L")");
}
}
// Returns name of EA, cascaded cipher names are separated by hyphens
wchar_t *EAGetName (wchar_t *buf, int ea, int guiDisplay)
wchar_t *EAGetName (wchar_t *buf, size_t bufLen, int ea, int guiDisplay)
{
if (guiDisplay)
{
EAGetDisplayName (buf, ea, EAGetLastCipher(ea));
EAGetDisplayName (buf, bufLen, ea, EAGetLastCipher(ea));
}
else
{
int i = EAGetLastCipher(ea);
wcscpy (buf, (i != 0) ? CipherGetName (i) : L"?");
StringCchCopyW (buf, bufLen, (i != 0) ? CipherGetName (i) : L"?");
while (i = EAGetPreviousCipher(ea, i))
{
wcscat (buf, L"-");
wcscat (buf, CipherGetName (i));
StringCchCatW (buf, bufLen, L"-");
StringCchCatW (buf, bufLen, CipherGetName (i));
}
}
return buf;
@ -595,7 +598,7 @@ int EAGetByName (wchar_t *name)
do
{
EAGetName(n, ea, 1);
EAGetName(n, 128, ea, 1);
#if defined(_UEFI)
if (wcscmp(n, name) == 0)
#else
@ -785,11 +788,11 @@ const wchar_t *HashGetName (int hashId)
return pHash? pHash -> Name : L"";
}
void HashGetName2 (wchar_t *buf, int hashId)
void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId)
{
Hash* pHash = HashGet(hashId);
if (pHash)
wcscpy(buf, pHash -> Name);
StringCchCopyW (buf, bufLen, pHash -> Name);
else
buf[0] = L'\0';
}

4
src/Common/Crypto.h
View File

@ -342,7 +342,7 @@ int EAGetFirst ();
int EAGetCount (void);
int EAGetNext (int previousEA);
#ifndef TC_WINDOWS_BOOT
wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay);
wchar_t * EAGetName (wchar_t *buf, size_t bufLen, int ea, int guiDisplay);
int EAGetByName (wchar_t *name);
#endif
int EAGetKeySize (int ea);
@ -373,7 +373,7 @@ const wchar_t *HashGetName (int hash_algo_id);
int HashGetIdByName (wchar_t *name);
#endif
Hash *HashGet (int id);
void HashGetName2 (wchar_t *buf, int hashId);
void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId);
BOOL HashIsDeprecated (int hashId);
BOOL HashForSystemEncryption (int hashId);
int GetMaxPkcs5OutSize (void);

4
src/Common/Dlgcode.c
View File

@ -5903,7 +5903,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
benchmarkTable[benchmarkTotalItems].decSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart;
benchmarkTable[benchmarkTotalItems].id = ci->ea;
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2;
EAGetName (benchmarkTable[benchmarkTotalItems].name, ci->ea, 1);
EAGetName (benchmarkTable[benchmarkTotalItems].name, 100, ci->ea, 1);
benchmarkTotalItems++;
}
@ -6826,7 +6826,7 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
{
if (EAGetCipherCount (ea) == 1 && EAIsFormatEnabled (ea))
AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ea, 1), EAGetFirstCipher (ea));
AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ARRAYSIZE(buf),ea, 1), EAGetFirstCipher (ea));
}
ResetCipherTest(hwndDlg, idTestCipher);

3
src/Common/Password.c
View File

@ -23,6 +23,7 @@
#include "Random.h"
#include <io.h>
#include <strsafe.h>
#ifndef SRC_POS
#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__))
@ -210,7 +211,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
if (bDevice == FALSE)
{
wcscpy (szCFDevice, szDiskFile);
StringCchCopyW (szCFDevice, ARRAYSIZE(szCFDevice), szDiskFile);
}
else
{

6
src/Common/Tcdefs.h
View File

@ -180,10 +180,10 @@ typedef uint64 uint_64t;
typedef CHAR16 wchar_t;
typedef int LONG;
#define wcscpy StrCpy
#define StringCchCopyW StrCpyS
#define wcslen StrLen
#define wcscmp StrCmp
#define wcscat StrCat
#define StringCchCatW StrCatS
#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))
#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
@ -195,7 +195,7 @@ typedef int LONG;
#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)
#define strcmp AsciiStrCmp
#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))
#define strcpy(strDest,strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource)
#define StringCchCopyA(strDest,strMaxSize,strSource) AsciiStrCpyS(strDest,strMaxSize,strSource)
#define strncpy(strDest,strSource,count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count)
#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))
#define strstr AsciiStrStr

4
src/Common/Tests.c
View File

@ -707,7 +707,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
if (!EAIsModeSupported (ci->ea, ci->mode))
continue;
EAGetName (name, ci->ea, 0);
EAGetName (name, ARRAYSIZE(name), ci->ea, 0);
if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS)
return FALSE;
@ -1188,7 +1188,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
if (!EAIsModeSupported (ci->ea, ci->mode))
continue;
EAGetName (name, ci->ea, 0);
EAGetName (name, ARRAYSIZE(name), ci->ea, 0);
if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS)
return FALSE;

21
src/Common/Xml.c
View File

@ -12,6 +12,7 @@
#if !defined(_UEFI)
#include <windows.h>
#include <stdio.h>
#include <strsafe.h>
#else
#include "Tcdefs.h"
#pragma warning( disable : 4706 ) // assignment within conditional expression
@ -185,26 +186,30 @@ char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize)
case '&':
if (textDst + 6 > textDstLast)
return NULL;
strcpy (textDst, "&amp;");
StringCchCopyA (textDst, textDstMaxSize, "&amp;");
textDst += 5;
textDstMaxSize -= 5;
continue;
case '>':
if (textDst + 5 > textDstLast)
return NULL;
strcpy (textDst, "&gt;");
StringCchCopyA (textDst, textDstMaxSize, "&gt;");
textDst += 4;
textDstMaxSize -= 4;
continue;
case '<':
if (textDst + 5 > textDstLast)
return NULL;
strcpy (textDst, "&lt;");
StringCchCopyA (textDst, textDstMaxSize, "&lt;");
textDst += 4;
textDstMaxSize -= 4;
continue;
default:
*textDst++ = c;
textDstMaxSize--;
}
}
@ -230,26 +235,30 @@ wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMax
case L'&':
if (textDst + 6 > textDstLast)
return NULL;
wcscpy (textDst, L"&amp;");
StringCchCopyW (textDst, textDstMaxSize, L"&amp;");
textDst += 5;
textDstMaxSize -= 5;
continue;
case L'>':
if (textDst + 5 > textDstLast)
return NULL;
wcscpy (textDst, L"&gt;");
StringCchCopyW (textDst, textDstMaxSize, L"&gt;");
textDst += 4;
textDstMaxSize -= 4;
continue;
case L'<':
if (textDst + 5 > textDstLast)
return NULL;
wcscpy (textDst, L"&lt;");
StringCchCopyW (textDst, textDstMaxSize, L"&lt;");
textDst += 4;
textDstMaxSize -= 4;
continue;
default:
*textDst++ = c;
textDstMaxSize--;
}
}

4
src/Driver/DriveFilter.c
View File

@ -2112,8 +2112,8 @@ void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp)
wchar_t BootEncryptionAlgorithmNameW[256];
wchar_t BootPrfAlgorithmNameW[256];
GetBootEncryptionAlgorithmNameRequest *request = (GetBootEncryptionAlgorithmNameRequest *) irp->AssociatedIrp.SystemBuffer;
EAGetName (BootEncryptionAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0);
HashGetName2 (BootPrfAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5);
EAGetName (BootEncryptionAlgorithmNameW, 256, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0);
HashGetName2 (BootPrfAlgorithmNameW, 256, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5);
RtlStringCbPrintfA (request->BootEncryptionAlgorithmName, sizeof (request->BootEncryptionAlgorithmName), "%S", BootEncryptionAlgorithmNameW);
RtlStringCbPrintfA (request->BootPrfAlgorithmName, sizeof (request->BootPrfAlgorithmName), "%S", BootPrfAlgorithmNameW);

3
src/ExpandVolume/ExpandVolume.c
View File

@ -37,6 +37,7 @@
#include "InitDataArea.h"
#include "ExpandVolume.h"
#include "Resource.h"
#include <strsafe.h>
#ifndef SRC_POS
#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__))
@ -526,7 +527,7 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
if (bDevice == FALSE)
{
wcscpy (szCFDevice, szDiskFile);
StringCchCopyW (szCFDevice, ARRAYSIZE(szCFDevice), szDiskFile);
}
else
{

12
src/Format/Tcformat.c
View File

@ -1425,7 +1425,7 @@ void ComboSelChangeEA (HWND hwndDlg)
int i, cnt = 0;
nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
EAGetName (name, nIndex, 0);
EAGetName (name, ARRAYSIZE(name),nIndex, 0);
if (wcscmp (name, L"AES") == 0)
{
@ -4165,7 +4165,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
{
if (EAIsFormatEnabled (ea) && (!SysEncInEffect () || bSystemIsGPT || EAIsMbrSysEncEnabled (ea)))
AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ea, 1), ea);
AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ARRAYSIZE(buf),ea, 1), ea);
}
SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), &nVolumeEA);
@ -5597,7 +5597,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
int nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0);
nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
EAGetName (name, nIndex, 0);
EAGetName (name, ARRAYSIZE(name),nIndex, 0);
if (wcscmp (name, L"AES") == 0)
Applink ("aes");
@ -6388,8 +6388,8 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
#ifdef _DEBUG
// For faster testing
strcpy (szVerify, "q");
strcpy (szRawPassword, "q");
StringCchCopyA (szVerify, ARRAYSIZE(szVerify), "q");
StringCchCopyA (szRawPassword, ARRAYSIZE(szRawPassword), "q");
#endif
PasswordEditDropTarget* pTarget = new PasswordEditDropTarget ();
@ -7330,7 +7330,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
else
{
// Either a standard Windows boot manager or no boot manager
wcscpy_s (SysEncMultiBootCfgOutcome, sizeof(SysEncMultiBootCfgOutcome) / 2, GetString ("WINDOWS_BOOT_LOADER_HINTS"));
StringCchCopyW (SysEncMultiBootCfgOutcome, sizeof(SysEncMultiBootCfgOutcome) / 2, GetString ("WINDOWS_BOOT_LOADER_HINTS"));
}
}

12
src/Mount/Mount.c
View File

@ -1806,7 +1806,7 @@ void LoadDriveLetters (HWND hwndDlg, HWND hTree, int drive)
if (propSysEnc.ea >= EAGetFirst() && propSysEnc.ea <= EAGetCount())
{
EAGetName (szTmp, propSysEnc.ea, 1);
EAGetName (szTmp, ARRAYSIZE(szTmp),propSysEnc.ea, 1);
}
else
{
@ -1932,7 +1932,7 @@ void LoadDriveLetters (HWND hwndDlg, HWND hTree, int drive)
GetSizeString (bSysEncPartition ? GetSysEncDeviceSize(TRUE) : driver.diskLength[i], szTmpW, sizeof(szTmpW));
ListSubItemSet (hTree, listItem.iItem, 2, szTmpW);
EAGetName (szTmp, bSysEncPartition ? propSysEnc.ea : driver.ea[i], 1);
EAGetName (szTmp, ARRAYSIZE(szTmp),bSysEncPartition ? propSysEnc.ea : driver.ea[i], 1);
listItem.iSubItem = 3;
ListView_SetItem (hTree, &listItem);
@ -4233,14 +4233,14 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
return 1;
}
EAGetName (szTmp, prop.ea, 1);
EAGetName (szTmp, ARRAYSIZE(szTmp), prop.ea, 1);
ListSubItemSet (list, i++, 1, szTmp);
// Key size(s)
{
wchar_t name[128];
int size = EAGetKeySize (prop.ea);
EAGetName (name, prop.ea, 1);
EAGetName (name, ARRAYSIZE(name), prop.ea, 1);
// Primary key
ListItemAdd (list, i, GetString ("KEY_SIZE"));
@ -4301,7 +4301,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2);
swprintf (date, L"%s ", sw);
GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2);
wcscat (date, sw);
StringCchCatW (date, ARRAYSIZE(date), sw);
ListSubItemSet (list, i++, 1, date);
// Header date
@ -4311,7 +4311,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2);
swprintf (date, L"%s ", sw);
GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2);
wcscat (date, sw);
StringCchCatW (date, ARRAYSIZE(date), sw);
GetLocalTime (&st);
SystemTimeToFileTime (&st, &curFt);