1 files changed, 8 insertions, 6 deletions
diff --git a/src/Common/Format.c b/src/Common/Format.c
index 25f20acd..ad6be026 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -12,40 +12,42 @@
 #include <stdlib.h>
 #include <string.h>
 
 #include "Tcdefs.h"
 
 #include "Common.h"
 #include "Crypto.h"
 #include "Fat.h"
 #include "Format.h"
 #include "Random.h"
 #include "Volumes.h"
 
 #include "Apidrvr.h"
 #include "Dlgcode.h"
 #include "Language.h"
 #include "Progress.h"
 #include "Resource.h"
 #include "Format/FormatCom.h"
 #include "Format/Tcformat.h"
 
+#include <Strsafe.h>
+
 int FormatWriteBufferSize = 1024 * 1024;
 static uint32 FormatSectorSize = 0;
 
 
 uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize)
 {
 	uint64 reservedSize;
 
 	if (hiddenVolume)
 	{
 		// Reserve free space at the end of the host filesystem. FAT file system fills the last sector with
 		// zeroes (marked as free; observed when quick format was performed using the OS format tool).
 		// Therefore, when the outer volume is mounted with hidden volume protection, such write operations
 		// (e.g. quick formatting the outer volume filesystem as FAT) would needlessly trigger hidden volume
 		// protection.
 
 #if TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE > 4096
 #	error	TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE too large for very small volumes. Revise the code.
 #endif
 
@@ -112,82 +114,82 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
 	use the 'bInstantRetryOtherFilesys' flag to skip them. */
 
 	if (volParams->hiddenVol)
 	{
 		dataOffset = volParams->hiddenVolHostSize - TC_VOLUME_HEADER_GROUP_SIZE - volParams->size;
 	}
 	else
 	{
 		if (volParams->size <= TC_TOTAL_VOLUME_HEADERS_SIZE)
 			return ERR_VOL_SIZE_WRONG;
 
 		dataOffset = TC_VOLUME_DATA_OFFSET;
 	}
 
 	dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, volParams->size);
 
 	num_sectors = dataAreaSize / FormatSectorSize;
 
 	if (volParams->bDevice)
 	{
-		strcpy ((char *)deviceName, volParams->volumePath);
-		ToUNICODE ((char *)deviceName);
+		StringCbCopyA ((char *)deviceName, sizeof(deviceName), volParams->volumePath);
+		ToUNICODE ((char *)deviceName, sizeof(deviceName));
 
 		driveLetter = GetDiskDeviceDriveLetter (deviceName);
 	}
 
 	VirtualLock (header, sizeof (header));
 
 	nStatus = CreateVolumeHeaderInMemory (FALSE,
 				     header,
 				     volParams->ea,
 					 FIRST_MODE_OF_OPERATION_ID,
 				     volParams->password,
 				     volParams->pkcs5,
 					 NULL,
 				     &cryptoInfo,
 					 dataAreaSize,
 					 volParams->hiddenVol ? dataAreaSize : 0,
 					 dataOffset,
 					 dataAreaSize,
 					 0,
 					 volParams->headerFlags,
 					 FormatSectorSize,
 					 FALSE);
 
 	if (nStatus != 0)
 	{
 		burn (header, sizeof (header));
 		VirtualUnlock (header, sizeof (header));
 		return nStatus;
 	}
 
 begin_format:
 
 	if (volParams->bDevice)
 	{
 		/* Device-hosted volume */
 
 		DWORD dwResult;
 		int nPass;
 
-		if (FakeDosNameForDevice (volParams->volumePath, dosDev, devName, FALSE) != 0)
+		if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0)
 			return ERR_OS_ERROR;
 
 		if (IsDeviceMounted (devName))
 		{
 			if ((dev = DismountDrive (devName, volParams->volumePath)) == INVALID_HANDLE_VALUE)
 			{
 				Error ("FORMAT_CANT_DISMOUNT_FILESYS");
 				nStatus = ERR_DONT_REPORT; 
 				goto error;
 			}
 
 			/* Gain "raw" access to the partition (it contains a live filesystem and the filesystem driver 
 			would otherwise prevent us from writing to hidden sectors). */
 
 			if (!DeviceIoControl (dev,
 				FSCTL_ALLOW_EXTENDED_DASD_IO,
 				NULL,
 				0,   
 				NULL,
 				0,
@@ -786,57 +788,57 @@ fail:
 
 volatile BOOLEAN FormatExResult;
 
 BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID parameter)
 {
 	if (command == FMIFS_DONE)
 		FormatExResult = *(BOOLEAN *) parameter;
 	return TRUE;
 }
 
 BOOL FormatNtfs (int driveNo, int clusterSize)
 {
 	char dllPath[MAX_PATH] = {0};
 	WCHAR dir[8] = { (WCHAR) driveNo + 'A', 0 };
 	PFORMATEX FormatEx;
 	HMODULE hModule;
 	int i;
 	
 	if (GetSystemDirectory (dllPath, MAX_PATH))
 	{
-		strcat(dllPath, "\\fmifs.dll");
+		StringCbCatA(dllPath, sizeof(dllPath), "\\fmifs.dll");
 	}
 	else
-		strcpy(dllPath, "C:\\Windows\\System32\\fmifs.dll");
+		StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\fmifs.dll");
 	
 	hModule = LoadLibrary (dllPath);
 
 	if (hModule == NULL)
 		return FALSE;
 
 	if (!(FormatEx = (PFORMATEX) GetProcAddress (GetModuleHandle ("fmifs.dll"), "FormatEx")))
 	{
 		FreeLibrary (hModule);
 		return FALSE;
 	}
 
-	wcscat (dir, L":\\");
+	StringCbCatW (dir, sizeof(dir), L":\\");
 
 	FormatExResult = FALSE;
 
 	// Windows sometimes fails to format a volume (hosted on a removable medium) as NTFS.
 	// It often helps to retry several times.
 	for (i = 0; i < 50 && FormatExResult != TRUE; i++)
 	{
 		FormatEx (dir, FMIFS_HARDDISK, L"NTFS", L"", TRUE, clusterSize * FormatSectorSize, FormatExCallback);
 	}
 
 	// The device may be referenced for some time after FormatEx() returns
 	Sleep (2000);
 
 	FreeLibrary (hModule);
 	return FormatExResult;
 }
 
 
 BOOL WriteSector (void *dev, char *sector,
 	     char *write_buf, int *write_buf_cnt,