diff --git a/reactos/base/applications/rapps/available.c b/reactos/base/applications/rapps/available.c index 9df29cab489..f650af27269 100644 --- a/reactos/base/applications/rapps/available.c +++ b/reactos/base/applications/rapps/available.c @@ -46,11 +46,16 @@ DeleteCurrentAppsDB(VOID) WCHAR szSearchPath[MAX_PATH]; WCHAR szPath[MAX_PATH]; WCHAR szTmp[MAX_PATH]; + HRESULT hr; if (!GetStorageDirectory(szPath, sizeof(szPath) / sizeof(szPath[0]))) return FALSE; - swprintf(szCabPath, L"%s\\rappmgr.cab", szPath); + hr = StringCbPrintfW(szCabPath, sizeof(szCabPath), + L"%ls\\rappmgr.cab", + szPath); + if (FAILED(hr)) + return FALSE; if (GetFileAttributesW(szCabPath) != INVALID_FILE_ATTRIBUTES) { @@ -58,8 +63,15 @@ DeleteCurrentAppsDB(VOID) return FALSE; } - wcscat(szPath, L"\\rapps\\"); - swprintf(szSearchPath, L"%s*.txt", szPath); + hr = StringCbCatW(szPath, sizeof(szPath), L"\\rapps\\"); + if (FAILED(hr)) + return FALSE; + + hr = StringCbPrintfW(szSearchPath, sizeof(szSearchPath), + L"%ls*.txt", + szPath); + if (FAILED(hr)) + return FALSE; hFind = FindFirstFileW(szSearchPath, &FindFileData); if (hFind == INVALID_HANDLE_VALUE) @@ -67,8 +79,10 @@ DeleteCurrentAppsDB(VOID) do { - swprintf(szTmp, L"%s%s", szPath, FindFileData.cFileName); - if (!DeleteFileW(szTmp)) + hr = StringCbPrintfW(szTmp, sizeof(szTmp), + L"%ls%ls", + szPath, FindFileData.cFileName); + if (FAILED(hr) || !DeleteFileW(szTmp)) { FindClose(hFind); return FALSE; @@ -97,10 +111,19 @@ UpdateAppsDB(VOID) if (!GetStorageDirectory(szPath, sizeof(szPath) / sizeof(szPath[0]))) return FALSE; - swprintf(szCabPath, L"%s\\rappmgr.cab", szPath); + if (FAILED(StringCbPrintfW(szCabPath, sizeof(szCabPath), + L"%ls\\rappmgr.cab", + szPath))) + { + return FALSE; + } - wcscat(szPath, L"\\rapps\\"); - wcscpy(szAppsPath, szPath); + if (FAILED(StringCbPrintfW(szAppsPath, sizeof(szAppsPath), + L"%ls\\rapps\\", + szPath))) + { + return FALSE; + } ExtractFilesFromCab(szCabPath, szAppsPath); @@ -119,16 +142,25 @@ EnumAvailableApplications(INT EnumType, AVAILENUMPROC lpEnumProc) WCHAR szCabPath[MAX_PATH]; WCHAR szLocale[4 + 1]; APPLICATION_INFO Info; + HRESULT hr; if (!GetStorageDirectory(szPath, sizeof(szPath) / sizeof(szPath[0]))) { return FALSE; } - swprintf(szCabPath, L"%s\\rappmgr.cab", szPath); + hr = StringCbPrintfW(szCabPath, sizeof(szCabPath), + L"%ls\\rappmgr.cab", + szPath); + if (FAILED(hr)) + return FALSE; - wcscat(szPath, L"\\rapps\\"); - wcscpy(szAppsPath, szPath); + hr = StringCbCatW(szPath, sizeof(szPath), L"\\rapps\\"); + if (FAILED(hr)) + return FALSE; + hr = StringCbCopyW(szAppsPath, sizeof(szAppsPath), szPath); + if (FAILED(hr)) + return FALSE; if (!CreateDirectory(szPath, NULL) && GetLastError() != ERROR_ALREADY_EXISTS) @@ -137,9 +169,13 @@ EnumAvailableApplications(INT EnumType, AVAILENUMPROC lpEnumProc) } GetLocaleInfoW(GetUserDefaultLCID(), LOCALE_ILANGUAGE, szLocale, sizeof(szLocale) / sizeof(WCHAR)); - wcscat(szSectionLocale, szLocale); + hr = StringCbCatW(szSectionLocale, sizeof(szSectionLocale), szLocale); + if (FAILED(hr)) + return FALSE; - wcscat(szPath, L"*.txt"); + hr = StringCbCatW(szPath, sizeof(szPath), L"*.txt"); + if (FAILED(hr)) + return FALSE; hFind = FindFirstFileW(szPath, &FindFileData); if (hFind == INVALID_HANDLE_VALUE) diff --git a/reactos/base/applications/rapps/installed.c b/reactos/base/applications/rapps/installed.c index 57adbb6604f..fe244727505 100644 --- a/reactos/base/applications/rapps/installed.c +++ b/reactos/base/applications/rapps/installed.c @@ -23,7 +23,7 @@ GetApplicationString(HKEY hKey, LPWSTR lpKeyName, LPWSTR lpString) return TRUE; } - wcscpy(lpString, L"---"); + (VOID)StringCchCopyW(lpString, MAX_PATH, L"---"); return FALSE; } diff --git a/reactos/base/applications/rapps/loaddlg.c b/reactos/base/applications/rapps/loaddlg.c index d886a808348..c4c17ffcab2 100644 --- a/reactos/base/applications/rapps/loaddlg.c +++ b/reactos/base/applications/rapps/loaddlg.c @@ -232,7 +232,11 @@ ThreadFunc(LPVOID Context) } else { - wcscpy(path, SettingsInfo.szDownloadDir); + if (FAILED(StringCbCopyW(path, sizeof(path), + SettingsInfo.szDownloadDir))) + { + goto end; + } } } else goto end; @@ -243,8 +247,10 @@ ThreadFunc(LPVOID Context) goto end; } - wcscat(path, L"\\"); - wcscat(path, p + 1); + if (FAILED(StringCbCatW(path, sizeof(path), L"\\"))) + goto end; + if (FAILED(StringCbCatW(path, sizeof(path), p + 1))) + goto end; /* download it */ bTempfile = TRUE; @@ -353,7 +359,12 @@ DownloadApplicationsDB(LPWSTR lpUrl) APPLICATION_INFO IntInfo; ZeroMemory(&IntInfo, sizeof(APPLICATION_INFO)); - wcscpy(IntInfo.szUrlDownload, lpUrl); + if (FAILED(StringCbCopyW(IntInfo.szUrlDownload, + sizeof(IntInfo.szUrlDownload), + lpUrl))) + { + return; + } AppInfo = &IntInfo; diff --git a/reactos/base/applications/rapps/misc.c b/reactos/base/applications/rapps/misc.c index f398df17ce4..8dbe99ce9a2 100644 --- a/reactos/base/applications/rapps/misc.c +++ b/reactos/base/applications/rapps/misc.c @@ -111,18 +111,23 @@ GetClientWindowHeight(HWND hwnd) VOID CopyTextToClipboard(LPCWSTR lpszText) { + HRESULT hr; + if(OpenClipboard(NULL)) { HGLOBAL ClipBuffer; WCHAR *Buffer; + DWORD cchBuffer; EmptyClipboard(); - ClipBuffer = GlobalAlloc(GMEM_DDESHARE, (wcslen(lpszText) + 1) * sizeof(TCHAR)); + cchBuffer = wcslen(lpszText) + 1; + ClipBuffer = GlobalAlloc(GMEM_DDESHARE, cchBuffer * sizeof(WCHAR)); Buffer = (WCHAR*)GlobalLock(ClipBuffer); - wcscpy(Buffer, lpszText); + hr = StringCchCopyW(Buffer, cchBuffer, lpszText); GlobalUnlock(ClipBuffer); - SetClipboardData(CF_UNICODETEXT, ClipBuffer); + if (SUCCEEDED(hr)) + SetClipboardData(CF_UNICODETEXT, ClipBuffer); CloseClipboard(); } diff --git a/reactos/base/applications/rapps/parser.c b/reactos/base/applications/rapps/parser.c index e9073f06742..d8795d6a365 100644 --- a/reactos/base/applications/rapps/parser.c +++ b/reactos/base/applications/rapps/parser.c @@ -176,7 +176,8 @@ ParserSave(HANDLE hFile, const SECTION *section, ENCODING encoding) for ( ; section; section = section->next) { - int len = 0; + size_t len = 0; + size_t remaining; if (section->name[0]) len += wcslen(section->name) + 4; @@ -190,28 +191,28 @@ ParserSave(HANDLE hFile, const SECTION *section, ENCODING encoding) if (!buffer) return; p = buffer; + remaining = len; if (section->name[0]) { - *p++ = '['; - wcscpy(p, section->name); - p += wcslen(p); - *p++ = ']'; - *p++ = '\r'; - *p++ = '\n'; + StringCchPrintfExW(p, remaining, &p, &remaining, 0, + L"[%ls]\r\n", + section->name); } for (key = section->key; key; key = key->next) { - wcscpy(p, key->name); - p += wcslen(p); if (key->value) { - *p++ = '='; - wcscpy(p, key->value); - p += wcslen(p); + StringCchPrintfExW(p, remaining, &p, &remaining, 0, + L"%ls=%ls\r\n", + key->name, key->value); + } + else + { + StringCchPrintfExW(p, remaining, &p, &remaining, 0, + L"%ls\r\n", + key->name); } - *p++ = '\r'; - *p++ = '\n'; } ParserWriteLine(hFile, buffer, len, encoding); HeapFree(GetProcessHeap(), 0, buffer); @@ -434,6 +435,7 @@ SECTIONKEY *ParserFind(SECTION **section, LPCWSTR section_name, LPCWSTR key_name, BOOL create, BOOL create_always) { LPCWSTR p; + DWORD cch; int seclen, keylen; while (ParserIsSpace(*section_name)) section_name++; @@ -474,9 +476,10 @@ SECTIONKEY } if (!create) return NULL; - if (!(*key = HeapAlloc(GetProcessHeap(), 0, sizeof(SECTIONKEY) + wcslen(key_name) * sizeof(WCHAR)))) + cch = wcslen(key_name) + 1; + if (!(*key = HeapAlloc(GetProcessHeap(), 0, FIELD_OFFSET(SECTIONKEY, name) + cch * sizeof(WCHAR)))) return NULL; - wcscpy((*key)->name, key_name); + StringCchCopyW((*key)->name, cch, key_name); (*key)->value = NULL; (*key)->next = NULL; return *key; @@ -484,17 +487,19 @@ SECTIONKEY section = &(*section)->next; } if (!create) return NULL; - *section = HeapAlloc(GetProcessHeap(), 0, sizeof(SECTION) + wcslen(section_name) * sizeof(WCHAR)); + cch = wcslen(section_name) + 1; + *section = HeapAlloc(GetProcessHeap(), 0, FIELD_OFFSET(SECTION, name) + cch * sizeof(WCHAR)); if(*section == NULL) return NULL; - wcscpy((*section)->name, section_name); + StringCchCopyW((*section)->name, cch, section_name); (*section)->next = NULL; + cch = wcslen(key_name) + 1; if (!((*section)->key = HeapAlloc(GetProcessHeap(), 0, - sizeof(SECTIONKEY) + wcslen(key_name) * sizeof(WCHAR)))) + FIELD_OFFSET(SECTIONKEY, name) + cch * sizeof(WCHAR)))) { HeapFree(GetProcessHeap(), 0, *section); return NULL; } - wcscpy((*section)->key->name, key_name); + StringCchCopyW((*section)->key->name, cch, key_name); (*section)->key->value = NULL; (*section)->key->next = NULL; return (*section)->key; @@ -541,10 +546,10 @@ ParserOpen(LPCWSTR filename, BOOL write_access) { WCHAR szDir[MAX_PATH]; WCHAR buffer[MAX_PATH]; + DWORD cch; HANDLE hFile = INVALID_HANDLE_VALUE; int i, j; ITEMS *tempProfile; - static const WCHAR wszSeparator[] = L"\\rapps\\"; if (!CurProfile) for (i = 0; i < N_CACHED_ITEMS; i++) @@ -559,9 +564,9 @@ ParserOpen(LPCWSTR filename, BOOL write_access) GetStorageDirectory(szDir, sizeof(szDir) / sizeof(szDir[0])); - wcscpy(buffer, szDir); - wcscat(buffer, wszSeparator); - wcscat(buffer, filename); + StringCbPrintfW(buffer, sizeof(buffer), + L"%ls\\rapps\\%ls", + szDir, filename); hFile = CreateFileW(buffer, GENERIC_READ | (write_access ? GENERIC_WRITE : 0), FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, @@ -605,11 +610,12 @@ ParserOpen(LPCWSTR filename, BOOL write_access) if (CurProfile->filename) ParserReleaseFile(); - CurProfile->filename = HeapAlloc(GetProcessHeap(), 0, (wcslen(buffer) + 1) * sizeof(WCHAR)); + cch = wcslen(buffer) + 1; + CurProfile->filename = HeapAlloc(GetProcessHeap(), 0, cch * sizeof(WCHAR)); if (CurProfile->filename == NULL) return FALSE; - wcscpy(CurProfile->filename, buffer); + StringCchCopyW(CurProfile->filename, cch, buffer); if (hFile != INVALID_HANDLE_VALUE) { diff --git a/reactos/base/applications/rapps/settingsdlg.c b/reactos/base/applications/rapps/settingsdlg.c index 5bbda1d2cfc..7f3a5fba409 100644 --- a/reactos/base/applications/rapps/settingsdlg.c +++ b/reactos/base/applications/rapps/settingsdlg.c @@ -113,7 +113,9 @@ SettingsDlgProc(HWND hDlg, UINT Msg, WPARAM wParam, LPARAM lParam) if (dwAttr != INVALID_FILE_ATTRIBUTES && (dwAttr & FILE_ATTRIBUTE_DIRECTORY)) { - wcscpy(NewSettingsInfo.szDownloadDir, szDir); + StringCbCopyW(NewSettingsInfo.szDownloadDir, + sizeof(NewSettingsInfo.szDownloadDir), + szDir); } else { diff --git a/reactos/base/applications/rapps/winmain.c b/reactos/base/applications/rapps/winmain.c index 409dc936c57..a4e51ca92cc 100644 --- a/reactos/base/applications/rapps/winmain.c +++ b/reactos/base/applications/rapps/winmain.c @@ -22,7 +22,9 @@ FillDefaultSettings(PSETTINGS_INFO pSettingsInfo) pSettingsInfo->bSaveWndPos = TRUE; pSettingsInfo->bUpdateAtStart = FALSE; pSettingsInfo->bLogEnabled = TRUE; - wcscpy(pSettingsInfo->szDownloadDir, L"C:\\Downloads"); + StringCbCopyW(pSettingsInfo->szDownloadDir, + sizeof(pSettingsInfo->szDownloadDir), + L"C:\\Downloads"); pSettingsInfo->bDelInstaller = FALSE; pSettingsInfo->Maximized = FALSE; @@ -217,7 +219,9 @@ UpdateApplicationsList(INT EnumType) SelectedEnumType = EnumType; LoadStringW(hInst, IDS_APPS_COUNT, szBuffer2, sizeof(szBuffer2) / sizeof(WCHAR)); - swprintf(szBuffer1, szBuffer2, ListView_GetItemCount(hListView)); + StringCbPrintfW(szBuffer1, sizeof(szBuffer1), + szBuffer2, + ListView_GetItemCount(hListView)); SetStatusBarText(szBuffer1); SetWelcomeText(); @@ -330,7 +334,9 @@ InitControls(HWND hwnd) InitCategoriesList(); LoadStringW(hInst, IDS_APPS_COUNT, szBuffer2, sizeof(szBuffer2) / sizeof(WCHAR)); - swprintf(szBuffer1, szBuffer2, ListView_GetItemCount(hListView)); + StringCbPrintfW(szBuffer1, sizeof(szBuffer1), + szBuffer2, + ListView_GetItemCount(hListView)); SetStatusBarText(szBuffer1); return TRUE; }