lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows)

Replace:
- curl_sspi: macro `_tcsncpy()` with `_tcsncpy_s()`.
- curlx/fopen: `wcsncpy()` with `wcsncpy_s()`.
- curlx/fopen: `wcscpy()` with `wcscpy_s()`.

Use of the pre-existing functions were safe. This patch aims to use the
recommended Windows CRT functions. Handle errors returned by them. Also
to avoid the compiler warnings silenced via `_CRT_SECURE_NO_WARNINGS`:

```
lib/curl_sspi.c(152): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(161): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(162): warning C4996: 'wcscpy': This function or variable may be unsafe. Consider using wcscpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(174): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(175): warning C4996: 'wcscpy': This function or variable may be unsafe. Consider using wcscpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
```

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/strncpy-strncpy-l-wcsncpy-wcsncpy-l-mbsncpy-mbsncpy-l
https://learn.microsoft.com/cpp/c-runtime-library/reference/strncpy-s-strncpy-s-l-wcsncpy-s-wcsncpy-s-l-mbsncpy-s-mbsncpy-s-l
https://learn.microsoft.com/cpp/c-runtime-library/security-features-in-the-crt

Cherry-picked from #19581 (in part)
Closes #19589

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 0df96d5efd28374a6fafe87bf6632365717d833b..05e6149f6139142a4dcbabbca03c98023b99fc71 100644 (file)
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -98,7 +98,7 @@
 #define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _open(),
                                     _wfopen(), _wopen(), fopen(), freopen(),
                                     getenv(), gmtime(), mbstowcs(), sprintf(),
-                                    strcpy(), wcscpy(), wcsncpy(), wcstombs(),
+                                    strcpy(), wcstombs(),
                                     in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */

diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 32b4c894d6b566d63da06f7c114ad810bfa792c5..369cf18967a30dd97b79685ac47f742c1b99709c 100644 (file)
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -149,8 +149,11 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
     curlx_unicodefree(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
-  _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
-  *(dup_domain.tchar_ptr + domlen) = TEXT('\0');
+  if(_tcsncpy_s(dup_domain.tchar_ptr, domlen + 1, domain.tchar_ptr, domlen)) {
+    curlx_unicodefree(dup_domain.tchar_ptr);
+    curlx_unicodefree(useranddomain.tchar_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
   identity->Domain = dup_domain.tbyte_ptr;
   identity->DomainLength = curlx_uztoul(domlen);
   dup_domain.tchar_ptr = NULL;

diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index 333eff7de7e2f6b98c63b4283358fd87f2f81d87..f3307531625072bc7b64be04b207dd55afc9c600 100644 (file)
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -158,8 +158,14 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(!temp)
         goto cleanup;
 
-      wcsncpy(temp, L"\\\\?\\UNC\\", 8);
-      wcscpy(temp + 8, fbuf + 2);
+      if(wcsncpy_s(temp, needed, L"\\\\?\\UNC\\", 8)) {
+        (free)(temp);
+        goto cleanup;
+      }
+      if(wcscpy_s(temp + 8, needed, fbuf + 2)) {
+        (free)(temp);
+        goto cleanup;
+      }
     }
     else {
       /* "\\?\" + full path + null */
@@ -171,8 +177,14 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(!temp)
         goto cleanup;
 
-      wcsncpy(temp, L"\\\\?\\", 4);
-      wcscpy(temp + 4, fbuf);
+      if(wcsncpy_s(temp, needed, L"\\\\?\\", 4)) {
+        (free)(temp);
+        goto cleanup;
+      }
+      if(wcscpy_s(temp + 4, needed, fbuf)) {
+        (free)(temp);
+        goto cleanup;
+      }
     }
 
     (free)(fbuf);