1 files changed, 16 insertions, 7 deletions
diff --git a/src/Common/Xml.c b/src/Common/Xml.c
index 6abbed6d..9f77b3ba 100644
--- a/src/Common/Xml.c
+++ b/src/Common/Xml.c
@@ -3,16 +3,17 @@
  Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
  by the TrueCrypt License 3.0.
 
  Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2016 IDRIX
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
  and are governed by the Apache License 2.0 the full text of which is
  contained in the file License.txt included in VeraCrypt binary and source
  code distribution packages.
 */
 #if !defined(_UEFI)
 #include <windows.h>
 #include <stdio.h>
+#include <strsafe.h>
 #else
 #include "Tcdefs.h"
 #pragma warning( disable : 4706 )  //  assignment within conditional expression
 #endif
@@ -184,28 +185,32 @@ char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize)
 		{
 		case '&':
 			if (textDst + 6 > textDstLast)
 				return NULL;
-			strcpy (textDst, "&amp;");
+			StringCchCopyA (textDst, textDstMaxSize, "&amp;");
 			textDst += 5;
+			textDstMaxSize -= 5;
 			continue;
 
 		case '>':
 			if (textDst + 5 > textDstLast)
 				return NULL;
-			strcpy (textDst, "&gt;");
+			StringCchCopyA (textDst, textDstMaxSize, "&gt;");
 			textDst += 4;
+			textDstMaxSize -= 4;
 			continue;
 
 		case '<':
 			if (textDst + 5 > textDstLast)
 				return NULL;
-			strcpy (textDst, "&lt;");
+			StringCchCopyA (textDst, textDstMaxSize, "&lt;");
 			textDst += 4;
+			textDstMaxSize -= 4;
 			continue;
 
 		default:
 			*textDst++ = c;
+			textDstMaxSize--;
 		}
 	}
 
 	if (textDst > textDstLast)
@@ -229,28 +234,32 @@ wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMax
 		{
 		case L'&':
 			if (textDst + 6 > textDstLast)
 				return NULL;
-			wcscpy (textDst, L"&amp;");
+			StringCchCopyW (textDst, textDstMaxSize, L"&amp;");
 			textDst += 5;
+			textDstMaxSize -= 5;
 			continue;
 
 		case L'>':
 			if (textDst + 5 > textDstLast)
 				return NULL;
-			wcscpy (textDst, L"&gt;");
+			StringCchCopyW (textDst, textDstMaxSize, L"&gt;");
 			textDst += 4;
+			textDstMaxSize -= 4;
 			continue;
 
 		case L'<':
 			if (textDst + 5 > textDstLast)
 				return NULL;
-			wcscpy (textDst, L"&lt;");
+			StringCchCopyW (textDst, textDstMaxSize, L"&lt;");
 			textDst += 4;
+			textDstMaxSize -= 4;
 			continue;
 
 		default:
 			*textDst++ = c;
+			textDstMaxSize--;
 		}
 	}
 
 	if (textDst > textDstLast)