From c3747824367dbcbe74777c166b6d5d41d6de5dce Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Tue, 13 Jul 2021 21:59:48 +0200 Subject: Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with secure equivalents This fixed failure to build driver for ARM64 with latest VS 2019 --- src/Common/Crypto.c | 29 ++++++++++++++++------------- src/Common/Crypto.h | 4 ++-- src/Common/Dlgcode.c | 4 ++-- src/Common/Password.c | 3 ++- src/Common/Tcdefs.h | 6 +++--- src/Common/Tests.c | 4 ++-- src/Common/Xml.c | 21 +++++++++++++++------ 7 files changed, 42 insertions(+), 29 deletions(-) (limited to 'src/Common') diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index 4745f981..f4f6202b 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -18,6 +18,7 @@ #include "Common/Endian.h" #if !defined(_UEFI) #include +#include #ifndef TC_WINDOWS_BOOT #include "EncryptionThreadPool.h" #endif @@ -555,33 +556,35 @@ BOOL EAInitMode (PCRYPTO_INFO ci, unsigned char* key2) return TRUE; } -static void EAGetDisplayName(wchar_t *buf, int ea, int i) +static void EAGetDisplayName(wchar_t *buf, size_t bufLen, int ea, int i) { - wcscpy (buf, CipherGetName (i)); + StringCchCopyW (buf, bufLen, CipherGetName (i)); if (i = EAGetPreviousCipher(ea, i)) { - wcscat (buf, L"("); - EAGetDisplayName (&buf[wcslen(buf)], ea, i); - wcscat (buf, L")"); + size_t curLen; + StringCchCatW (buf, bufLen, L"("); + curLen = wcslen(buf); + EAGetDisplayName (&buf[curLen], bufLen - curLen, ea, i); + StringCchCatW (buf, bufLen, L")"); } } // Returns name of EA, cascaded cipher names are separated by hyphens -wchar_t *EAGetName (wchar_t *buf, int ea, int guiDisplay) +wchar_t *EAGetName (wchar_t *buf, size_t bufLen, int ea, int guiDisplay) { if (guiDisplay) { - EAGetDisplayName (buf, ea, EAGetLastCipher(ea)); + EAGetDisplayName (buf, bufLen, ea, EAGetLastCipher(ea)); } else { int i = EAGetLastCipher(ea); - wcscpy (buf, (i != 0) ? CipherGetName (i) : L"?"); + StringCchCopyW (buf, bufLen, (i != 0) ? CipherGetName (i) : L"?"); while (i = EAGetPreviousCipher(ea, i)) { - wcscat (buf, L"-"); - wcscat (buf, CipherGetName (i)); + StringCchCatW (buf, bufLen, L"-"); + StringCchCatW (buf, bufLen, CipherGetName (i)); } } return buf; @@ -595,7 +598,7 @@ int EAGetByName (wchar_t *name) do { - EAGetName(n, ea, 1); + EAGetName(n, 128, ea, 1); #if defined(_UEFI) if (wcscmp(n, name) == 0) #else @@ -785,11 +788,11 @@ const wchar_t *HashGetName (int hashId) return pHash? pHash -> Name : L""; } -void HashGetName2 (wchar_t *buf, int hashId) +void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId) { Hash* pHash = HashGet(hashId); if (pHash) - wcscpy(buf, pHash -> Name); + StringCchCopyW (buf, bufLen, pHash -> Name); else buf[0] = L'\0'; } diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index a31152f2..95222ba6 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -342,7 +342,7 @@ int EAGetFirst (); int EAGetCount (void); int EAGetNext (int previousEA); #ifndef TC_WINDOWS_BOOT -wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay); +wchar_t * EAGetName (wchar_t *buf, size_t bufLen, int ea, int guiDisplay); int EAGetByName (wchar_t *name); #endif int EAGetKeySize (int ea); @@ -373,7 +373,7 @@ const wchar_t *HashGetName (int hash_algo_id); int HashGetIdByName (wchar_t *name); #endif Hash *HashGet (int id); -void HashGetName2 (wchar_t *buf, int hashId); +void HashGetName2 (wchar_t *buf, size_t bufLen, int hashId); BOOL HashIsDeprecated (int hashId); BOOL HashForSystemEncryption (int hashId); int GetMaxPkcs5OutSize (void); diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 2e0b507a..8209f2b2 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -5903,7 +5903,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) benchmarkTable[benchmarkTotalItems].decSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; benchmarkTable[benchmarkTotalItems].id = ci->ea; benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2; - EAGetName (benchmarkTable[benchmarkTotalItems].name, ci->ea, 1); + EAGetName (benchmarkTable[benchmarkTotalItems].name, 100, ci->ea, 1); benchmarkTotalItems++; } @@ -6826,7 +6826,7 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) { if (EAGetCipherCount (ea) == 1 && EAIsFormatEnabled (ea)) - AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ea, 1), EAGetFirstCipher (ea)); + AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ARRAYSIZE(buf),ea, 1), EAGetFirstCipher (ea)); } ResetCipherTest(hwndDlg, idTestCipher); diff --git a/src/Common/Password.c b/src/Common/Password.c index f2413b6d..4caf3a21 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -23,6 +23,7 @@ #include "Random.h" #include +#include #ifndef SRC_POS #define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) @@ -210,7 +211,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, if (bDevice == FALSE) { - wcscpy (szCFDevice, szDiskFile); + StringCchCopyW (szCFDevice, ARRAYSIZE(szCFDevice), szDiskFile); } else { diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h index d01ea63b..2113c81c 100644 --- a/src/Common/Tcdefs.h +++ b/src/Common/Tcdefs.h @@ -180,10 +180,10 @@ typedef uint64 uint_64t; typedef CHAR16 wchar_t; typedef int LONG; -#define wcscpy StrCpy +#define StringCchCopyW StrCpyS #define wcslen StrLen #define wcscmp StrCmp -#define wcscat StrCat +#define StringCchCatW StrCatS #define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count)) #define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch)) @@ -195,7 +195,7 @@ typedef int LONG; #define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch) #define strcmp AsciiStrCmp #define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count))) -#define strcpy(strDest,strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource) +#define StringCchCopyA(strDest,strMaxSize,strSource) AsciiStrCpyS(strDest,strMaxSize,strSource) #define strncpy(strDest,strSource,count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count) #define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE)) #define strstr AsciiStrStr diff --git a/src/Common/Tests.c b/src/Common/Tests.c index 0af4313e..a66c7b54 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -707,7 +707,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) if (!EAIsModeSupported (ci->ea, ci->mode)) continue; - EAGetName (name, ci->ea, 0); + EAGetName (name, ARRAYSIZE(name), ci->ea, 0); if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) return FALSE; @@ -1188,7 +1188,7 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) if (!EAIsModeSupported (ci->ea, ci->mode)) continue; - EAGetName (name, ci->ea, 0); + EAGetName (name, ARRAYSIZE(name), ci->ea, 0); if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) return FALSE; diff --git a/src/Common/Xml.c b/src/Common/Xml.c index 37b73498..9f77b3ba 100644 --- a/src/Common/Xml.c +++ b/src/Common/Xml.c @@ -12,6 +12,7 @@ #if !defined(_UEFI) #include #include +#include #else #include "Tcdefs.h" #pragma warning( disable : 4706 ) // assignment within conditional expression @@ -185,26 +186,30 @@ char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize) case '&': if (textDst + 6 > textDstLast) return NULL; - strcpy (textDst, "&"); + StringCchCopyA (textDst, textDstMaxSize, "&"); textDst += 5; + textDstMaxSize -= 5; continue; case '>': if (textDst + 5 > textDstLast) return NULL; - strcpy (textDst, ">"); + StringCchCopyA (textDst, textDstMaxSize, ">"); textDst += 4; + textDstMaxSize -= 4; continue; case '<': if (textDst + 5 > textDstLast) return NULL; - strcpy (textDst, "<"); + StringCchCopyA (textDst, textDstMaxSize, "<"); textDst += 4; + textDstMaxSize -= 4; continue; default: *textDst++ = c; + textDstMaxSize--; } } @@ -230,26 +235,30 @@ wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMax case L'&': if (textDst + 6 > textDstLast) return NULL; - wcscpy (textDst, L"&"); + StringCchCopyW (textDst, textDstMaxSize, L"&"); textDst += 5; + textDstMaxSize -= 5; continue; case L'>': if (textDst + 5 > textDstLast) return NULL; - wcscpy (textDst, L">"); + StringCchCopyW (textDst, textDstMaxSize, L">"); textDst += 4; + textDstMaxSize -= 4; continue; case L'<': if (textDst + 5 > textDstLast) return NULL; - wcscpy (textDst, L"<"); + StringCchCopyW (textDst, textDstMaxSize, L"<"); textDst += 4; + textDstMaxSize -= 4; continue; default: *textDst++ = c; + textDstMaxSize--; } } -- cgit v1.2.3