From: Simon Rozman <simon@rozman.si>
Date: Mon, 22 Mar 2021 07:43:59 +0000 (+0100)
Subject: tapctl: Resolve MSVC C4996 warnings
X-Git-Tag: v2.5.7~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64547d552dbcadd826a30a4ba122d590d87504f6;p=thirdparty%2Fopenvpn.git

tapctl: Resolve MSVC C4996 warnings

wcsncat() was declared unsafe in favour of wcsncat_s(). However, the
string concatenation follows the string length check, making wcsncat()
safe too. Code analysis is just not smart enough (yet) to detect this.

The code was refactored to use wcscat_s() MSVC is considering as "safe".

Signed-off-by: Simon Rozman <simon@rozman.si>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210322074359.527-1-simon@rozman.si>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21774.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit e5e9a07e8baee4065b7dfd65736bfa77b8329cfc)
---

diff --git a/src/tapctl/tap.c b/src/tapctl/tap.c
index e399a38a3..c9795bce1 100644
--- a/src/tapctl/tap.c
+++ b/src/tapctl/tap.c
@@ -73,14 +73,15 @@ find_function(const WCHAR *libname, const char *funcname, HMODULE *m)
        return NULL;
     }
 
-    size_t len = _countof(libpath) - wcslen(libpath) - 1;
-    if (len < wcslen(libname) + 1)
+    /* +1 for the path seperator '\' */
+    const size_t path_length = wcslen(libpath) + 1 + wcslen(libname);
+    if (path_length >= _countof(libpath))
     {
        SetLastError(ERROR_INSUFFICIENT_BUFFER);
        return NULL;
     }
-    wcsncat(libpath, L"\\", len);
-    wcsncat(libpath, libname, len-1);
+    wcscat_s(libpath, _countof(libpath), L"\\");
+    wcscat_s(libpath, _countof(libpath), libname);
 
     *m = LoadLibraryW(libpath);
     if (*m == NULL)