]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
projects / thirdparty / openvpn.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 709c381)
iservice: Resolve MSVC C4996 warnings
authorSimon Rozman <simon@rozman.si>
Sun, 21 Mar 2021 14:46:27 +0000 (15:46 +0100)
committerGert Doering <gert@greenie.muc.de>
Sun, 21 Mar 2021 17:12:14 +0000 (18:12 +0100)
Lots of string functions were declared unsafe in favor of ..._s()
counterparts. However, the code already is careful about the buffer
size. Code analysis is just not smart enough (yet) to detect this.

The code was refactored to use ..._s() variants MSVC is considering as
"safe".

Signed-off-by: Simon Rozman <simon@rozman.si>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20210321144627.1621-5-simon@rozman.si>
URL: https://www.mail-archive.com/search?l=mid&q=20210321144627.1621-5-simon@rozman.si
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpnserv/automatic.c patch | blob | blame | history
src/openvpnserv/common.c patch | blob | blame | history
src/openvpnserv/interactive.c patch | blob | blame | history
src/openvpnserv/service.c patch | blob | blame | history

diff --git a/src/openvpnserv/automatic.c b/src/openvpnserv/automatic.c
index 3f2ca345a66db7a17d2eec3074519e1cacad13d6..0ba222a087042df8ca0663f973705a6000031916 100644 (file)
--- a/src/openvpnserv/automatic.c
+++ b/src/openvpnserv/automatic.c
@@ -137,7 +137,7 @@ modext(LPTSTR dest, size_t size, LPCTSTR src, LPCTSTR newext)
 
     if (size > 0 && (_tcslen(src) + 1) <= size)
     {
-        _tcscpy(dest, src);
+        _tcscpy_s(dest, size, src);
         dest [size - 1] = TEXT('\0');
         i = _tcslen(dest);
         while (i-- > 0)
@@ -154,8 +154,8 @@ modext(LPTSTR dest, size_t size, LPCTSTR src, LPCTSTR newext)
         }
         if (_tcslen(dest) + _tcslen(newext) + 2 <= size)
         {
-            _tcscat(dest, TEXT("."));
-            _tcscat(dest, newext);
+            _tcscat_s(dest, size, TEXT("."));
+            _tcscat_s(dest, size, newext);
             return true;
         }
         dest[0] = TEXT('\0');
@@ -271,7 +271,7 @@ ServiceStartAutomatic(DWORD dwArgc, LPTSTR *lpszArgv)
         BOOL more_files;
         TCHAR find_string[MAX_PATH];
 
-        openvpn_sntprintf(find_string, MAX_PATH, TEXT("%s\\*"), settings.config_dir);
+        openvpn_sntprintf(find_string, _countof(find_string), TEXT("%s\\*"), settings.config_dir);
 
         find_handle = FindFirstFile(find_string, &find_obj);
         if (find_handle == INVALID_HANDLE_VALUE)
diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c
index 958643dfd0e8a065702a8a3a7498665a10ceab08..48769be488f6746b79c9b58dc1479224a014c73c 100644 (file)
--- a/src/openvpnserv/common.c
+++ b/src/openvpnserv/common.c
@@ -37,7 +37,7 @@ openvpn_vsntprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist)
     int len = -1;
     if (size > 0)
     {
-        len = _vsntprintf(str, size, format, arglist);
+        len = _vsntprintf_s(str, size, _TRUNCATE, format, arglist);
         str[size - 1] = 0;
     }
     return (len >= 0 && (size_t)len < size);
@@ -311,7 +311,7 @@ get_win_sys_path(void)
 
     if (!GetSystemDirectoryW(win_sys_path, _countof(win_sys_path)))
     {
-        wcsncpy(win_sys_path, default_sys_path, _countof(win_sys_path));
+        wcscpy_s(win_sys_path, _countof(win_sys_path), default_sys_path);
         win_sys_path[_countof(win_sys_path) - 1] = L'\0';
     }
 
diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index b073a0d5a98598cacbfbbb4969547f815c1f7273..ed83d2a3178b07c43cd19c4e699fa845312e6f53 100644 (file)
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -1067,7 +1067,7 @@ netsh_dns_cmd(const wchar_t *action, const wchar_t *proto, const wchar_t *if_nam
 
     if (IsWindows7OrGreater())
     {
-        wcsncat(cmdline, L" validate=no", ncmdline - wcslen(cmdline) - 1);
+        wcscat_s(cmdline, ncmdline, L" validate=no");
     }
     err = ExecCommand(argv0, cmdline, timeout);
 
diff --git a/src/openvpnserv/service.c b/src/openvpnserv/service.c
index 8efe25f9b813fc83a7c215650be7029a6da24bea..8101f83d0f92a01e4cda801e8e78d6c535a5c5ce 100644 (file)
--- a/src/openvpnserv/service.c
+++ b/src/openvpnserv/service.c
@@ -61,14 +61,14 @@ CmdInstallServices()
     TCHAR path[512];
     int i, ret = _service_max;
 
-    if (GetModuleFileName(NULL, path + 1, 510) == 0)
+    if (GetModuleFileName(NULL, path + 1, _countof(path) - 2) == 0)
     {
         _tprintf(TEXT("Unable to install service - %s\n"), GetLastErrorText());
         return 1;
     }
 
     path[0] = TEXT('\"');
-    _tcscat(path, TEXT("\""));
+    _tcscat_s(path, _countof(path), TEXT("\""));
 
     svc_ctl_mgr = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE);
     if (svc_ctl_mgr == NULL)
Mirror of https://github.com/OpenVPN/openvpn.git