From 2ecf5b764b7e4a329919f8bc8077e50d4ca7b53f Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Wed, 21 Sep 2016 00:19:52 +0200 Subject: [PATCH 1/2] Use secure CRT functions for string copying. --- MemoryModule.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index cf38388..1300b3d 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -851,8 +851,9 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( // using a pre-allocated array. wchar_t _searchKeySpace[MAX_LOCAL_KEY_LENGTH+1]; LPWSTR _searchKey; + size_t _searchKeySize; if (searchKeyLen > MAX_LOCAL_KEY_LENGTH) { - size_t _searchKeySize = (searchKeyLen + 1) * sizeof(wchar_t); + _searchKeySize = (searchKeyLen + 1) * sizeof(wchar_t); _searchKey = (LPWSTR) malloc(_searchKeySize); if (_searchKey == NULL) { SetLastError(ERROR_OUTOFMEMORY); @@ -860,10 +861,10 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( } } else { _searchKey = &_searchKeySpace[0]; + _searchKeySize = sizeof(_searchKeySpace); } - mbstowcs(_searchKey, key, searchKeyLen); - _searchKey[searchKeyLen] = 0; + mbstowcs_s(NULL, _searchKey, _searchKeySize, key, searchKeyLen); searchKey = _searchKey; #endif start = 0; @@ -990,7 +991,7 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO { HMEMORYRSRC resource; PIMAGE_RESOURCE_DIR_STRING_U data; - DWORD size; + int size; if (maxsize == 0) { return 0; } @@ -1013,15 +1014,13 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO } size = data->Length; - if (size >= (DWORD) maxsize) { - size = maxsize; - } else { - buffer[size] = 0; + if (size >= maxsize) { + size = maxsize - 1; } #if defined(UNICODE) - wcsncpy(buffer, data->NameString, size); + wcsncpy_s(buffer, maxsize, data->NameString, size); #else - wcstombs(buffer, data->NameString, size); + wcstombs_s(NULL, buffer, maxsize, data->NameString, size); #endif return size; } From 7d0c143f9242dc1bb06d580f9319fc9944c48626 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Wed, 21 Sep 2016 01:12:11 +0200 Subject: [PATCH 2/2] Need stdlib.h on MinGW. --- MemoryModule.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MemoryModule.c b/MemoryModule.c index 1300b3d..1f2bdc8 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -27,6 +27,10 @@ #include #include #include +#ifdef __MINGW32__ +// for mbstowcs_s and wcstombs_s +#include +#endif #include #ifdef DEBUG_OUTPUT #include