From 2ecf5b764b7e4a329919f8bc8077e50d4ca7b53f Mon Sep 17 00:00:00 2001
From: Joachim Bauch <mail@joachim-bauch.de>
Date: Wed, 21 Sep 2016 00:19:52 +0200
Subject: [PATCH 1/2] Use secure CRT functions for string copying.

---
 MemoryModule.c | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/MemoryModule.c b/MemoryModule.c
index cf38388..1300b3d 100644
--- a/MemoryModule.c
+++ b/MemoryModule.c
@@ -851,8 +851,9 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry(
         // using a pre-allocated array.
         wchar_t _searchKeySpace[MAX_LOCAL_KEY_LENGTH+1];
         LPWSTR _searchKey;
+        size_t _searchKeySize;
         if (searchKeyLen > MAX_LOCAL_KEY_LENGTH) {
-            size_t _searchKeySize = (searchKeyLen + 1) * sizeof(wchar_t);
+            _searchKeySize = (searchKeyLen + 1) * sizeof(wchar_t);
             _searchKey = (LPWSTR) malloc(_searchKeySize);
             if (_searchKey == NULL) {
                 SetLastError(ERROR_OUTOFMEMORY);
@@ -860,10 +861,10 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry(
             }
         } else {
             _searchKey = &_searchKeySpace[0];
+            _searchKeySize = sizeof(_searchKeySpace);
         }
 
-        mbstowcs(_searchKey, key, searchKeyLen);
-        _searchKey[searchKeyLen] = 0;
+        mbstowcs_s(NULL, _searchKey, _searchKeySize, key, searchKeyLen);
         searchKey = _searchKey;
 #endif
         start = 0;
@@ -990,7 +991,7 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO
 {
     HMEMORYRSRC resource;
     PIMAGE_RESOURCE_DIR_STRING_U data;
-    DWORD size;
+    int size;
     if (maxsize == 0) {
         return 0;
     }
@@ -1013,15 +1014,13 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO
     }
 
     size = data->Length;
-    if (size >= (DWORD) maxsize) {
-        size = maxsize;
-    } else {
-        buffer[size] = 0;
+    if (size >= maxsize) {
+        size = maxsize - 1;
     }
 #if defined(UNICODE)
-    wcsncpy(buffer, data->NameString, size);
+    wcsncpy_s(buffer, maxsize, data->NameString, size);
 #else
-    wcstombs(buffer, data->NameString, size);
+    wcstombs_s(NULL, buffer, maxsize, data->NameString, size);
 #endif
     return size;
 }

From 7d0c143f9242dc1bb06d580f9319fc9944c48626 Mon Sep 17 00:00:00 2001
From: Joachim Bauch <mail@joachim-bauch.de>
Date: Wed, 21 Sep 2016 01:12:11 +0200
Subject: [PATCH 2/2] Need stdlib.h on MinGW.

---
 MemoryModule.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/MemoryModule.c b/MemoryModule.c
index 1300b3d..1f2bdc8 100644
--- a/MemoryModule.c
+++ b/MemoryModule.c
@@ -27,6 +27,10 @@
 #include <windows.h>
 #include <winnt.h>
 #include <stddef.h>
+#ifdef __MINGW32__
+// for mbstowcs_s and wcstombs_s
+#include <stdlib.h>
+#endif
 #include <tchar.h>
 #ifdef DEBUG_OUTPUT
 #include <stdio.h>