[cwittich] 61709: [desk.cpl] strsafe++ - Ros-diffs

19 Jan 2014

Author: cwittich
Date: Sun Jan 19 19:15:08 2014
New Revision: 61709
URL: http://svn.reactos.org/svn/reactos?rev=61709&view=rev
Log:
[desk.cpl]
strsafe++
Modified:
    trunk/reactos/dll/cpl/desk/advappdlg.c
    trunk/reactos/dll/cpl/desk/background.c
    trunk/reactos/dll/cpl/desk/classinst.c
    trunk/reactos/dll/cpl/desk/desk.h
    trunk/reactos/dll/cpl/desk/devsett.c
    trunk/reactos/dll/cpl/desk/screensaver.c
Modified: trunk/reactos/dll/cpl/desk/advappdlg.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/advappdlg.c?re...
==============================================================================

--- trunk/reactos/dll/cpl/desk/advappdlg.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/advappdlg.c	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -425,7 +425,7 @@
     /* Fill font size combo */
     for (i = 6; i <= 24; i++)
     {
-        wsprintf(Size, TEXT("%d"), i);
+        StringCbPrintf(Size, sizeof(Size), TEXT("%d"), i);
         SendDlgItemMessage(hwndDlg, IDC_ADVAPPEARANCE_FONTSIZE_E, CB_ADDSTRING, 0, (LPARAM)&Size);
     }
Modified: trunk/reactos/dll/cpl/desk/background.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/background.c?r...
==============================================================================
--- trunk/reactos/dll/cpl/desk/background.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/background.c	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -88,6 +88,7 @@
     TCHAR *token;
     HWND hwndBackgroundList;
     TCHAR *p;
+    HRESULT hr;
hwndBackgroundList = GetDlgItem(hwndDlg, IDC_BACKGROUND_LIST);
@@ -134,7 +135,12 @@
             /* Allow environment variables in file name */
             if (ExpandEnvironmentStrings(wallpaperFilename, buffer, MAX_PATH))
             {
-                _tcscpy(wallpaperFilename, buffer);
+                hr = StringCbCopy(wallpaperFilename, sizeof(wallpaperFilename), buffer);
+                if (FAILED(hr))
+                {
+                    RegCloseKey(regKey);
+                    return;
+                }
             }
himl = (HIMAGELIST)SHGetFileInfo(wallpaperFilename,
@@ -155,11 +161,23 @@
backgroundItem->bWallpaper = TRUE;
-                _tcscpy(backgroundItem->szDisplayName, sfi.szDisplayName);
+                hr = StringCbCopy(backgroundItem->szDisplayName, sizeof(backgroundItem->szDisplayName), sfi.szDisplayName);
+                if (FAILED(hr))
+                {
+                    RegCloseKey(regKey);
+                    return;
+                }
+
                 p = _tcsrchr(backgroundItem->szDisplayName, _T('.'));
                 if (p)
                     *p = (TCHAR)0;
-                _tcscpy(backgroundItem->szFilename, wallpaperFilename);
+
+                hr = StringCbCopy(backgroundItem->szFilename, sizeof(backgroundItem->szFilename), wallpaperFilename);
+                if (FAILED(hr))
+                {
+                    RegCloseKey(regKey);
+                    return;
+                }
ZeroMemory(&listItem, sizeof(LV_ITEM));
                 listItem.mask       = LVIF_TEXT | LVIF_PARAM | LVIF_STATE | LVIF_IMAGE;
@@ -190,8 +208,13 @@
     while (token != NULL)
     {
         GetWindowsDirectory(szSearchPath, MAX_PATH);
-        _tcscat(szSearchPath, TEXT("\"));
-        _tcscat(szSearchPath, token);
+        
+        hr = StringCbCat(szSearchPath, sizeof(szSearchPath), TEXT("\"));
+        if (FAILED(hr))
+            return;
+        hr = StringCbCat(szSearchPath, sizeof(szSearchPath), token);
+        if (FAILED(hr))
+            return;
hFind = FindFirstFile(szSearchPath, &fd);
         while (hFind != INVALID_HANDLE_VALUE)
@@ -200,8 +223,18 @@
GetWindowsDirectory(filename, MAX_PATH);
-            _tcscat(filename, TEXT("\"));
-            _tcscat(filename, fd.cFileName);
+            hr = StringCbCat(filename, sizeof(filename), TEXT("\"));
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
+            hr = StringCbCat(filename, sizeof(filename), fd.cFileName);
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
/* Don't add any hidden bitmaps. Also don't add current wallpaper once more. */
             if (((fd.dwFileAttributes & FILE_ATTRIBUTE_HIDDEN) == 0) && (_tcscmp(wallpaperFilename, filename) != 0))
@@ -225,11 +258,21 @@
backgroundItem->bWallpaper = TRUE;
-                _tcscpy(backgroundItem->szDisplayName, sfi.szDisplayName);
+                hr = StringCbCopy(backgroundItem->szDisplayName, sizeof(backgroundItem->szDisplayName), sfi.szDisplayName);
+                if (FAILED(hr))
+                {
+                    FindClose(hFind);
+                    return;
+                }
                 p = _tcsrchr(backgroundItem->szDisplayName, _T('.'));
                 if (p)
                     *p = (TCHAR)0;
-                _tcscpy(backgroundItem->szFilename, filename);
+                hr = StringCbCopy(backgroundItem->szFilename, sizeof(backgroundItem->szFilename), filename);
+                if (FAILED(hr))
+                {
+                    FindClose(hFind);
+                    return;
+                }
ZeroMemory(&listItem, sizeof(LV_ITEM));
                 listItem.mask       = LVIF_TEXT | LVIF_PARAM | LVIF_STATE | LVIF_IMAGE;
@@ -249,6 +292,7 @@
         }
token = _tcstok(NULL, separators);
+        FindClose(hFind);
     }
 }
@@ -428,6 +472,7 @@
     LV_ITEM listItem;
     HWND hwndBackgroundList;
     TCHAR *p;
+    HRESULT hr;
hwndBackgroundList = GetDlgItem(hwndDlg, IDC_BACKGROUND_LIST);
@@ -469,11 +514,15 @@
backgroundItem->bWallpaper = TRUE;
-        _tcscpy(backgroundItem->szDisplayName, sfi.szDisplayName);
+        hr = StringCbCopy(backgroundItem->szDisplayName, sizeof(backgroundItem->szDisplayName), sfi.szDisplayName);
+        if (FAILED(hr))
+            return;
         p = _tcsrchr(backgroundItem->szDisplayName, _T('.'));
         if (p)
             *p = (TCHAR)0;
-        _tcscpy(backgroundItem->szFilename, filename);
+        hr = StringCbCopy(backgroundItem->szFilename, sizeof(backgroundItem->szFilename), filename);
+        if (FAILED(hr))
+            return;
ZeroMemory(&listItem, sizeof(LV_ITEM));
         listItem.mask       = LVIF_TEXT | LVIF_PARAM | LVIF_STATE | LVIF_IMAGE;
@@ -736,7 +785,7 @@
         green = GetGValue(g_GlobalData.desktop_color);
         blue  = GetBValue(g_GlobalData.desktop_color);
         /* Format string to be set to registry */
-        wsprintf(clText, TEXT("%d %d %d"), red, green, blue);
+        StringCbPrintf(clText, sizeof(clText), TEXT("%d %d %d"), red, green, blue);
         RegSetValueEx(hKey, TEXT("Background"), 0, REG_SZ, (BYTE *)clText,
                       (lstrlen(clText) + 1) * sizeof(TCHAR));
         RegCloseKey(hKey);
Modified: trunk/reactos/dll/cpl/desk/classinst.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/classinst.c?re...
==============================================================================
--- trunk/reactos/dll/cpl/desk/classinst.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/classinst.c	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -32,6 +32,7 @@
     DWORD disposition;
     BOOL result;
     LONG rc;
+    HRESULT hr;
if (InstallFunction != DIF_INSTALLDEVICE)
         return ERROR_DI_DO_DEFAULT;
@@ -104,7 +105,12 @@
         DPRINT("SetupDiGetActualSectionToInstall() failed with error 0x%lx\n", rc);
         goto cleanup;
     }
-    _tcscat(SectionName, _T(".SoftwareSettings"));
+    hr = StringCbCat(SectionName, sizeof(SectionName), _T(".SoftwareSettings"));
+    if (FAILED(hr))
+    {
+        rc = ERROR_INSUFFICIENT_BUFFER;
+        goto cleanup;
+    }
/* Open driver registry key and create Settings subkey */
     hDriverKey = SetupDiOpenDevRegKey(
Modified: trunk/reactos/dll/cpl/desk/desk.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/desk.h?rev=617...
==============================================================================
--- trunk/reactos/dll/cpl/desk/desk.h	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/desk.h	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -19,6 +19,7 @@
 #include <shlobj.h>
 #include <regstr.h>
 #include <dll/desk/deskcplx.h>
+#include <strsafe.h>
#include "appearance.h"
 #include "preview.h"
Modified: trunk/reactos/dll/cpl/desk/devsett.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/devsett.c?rev=...
==============================================================================
--- trunk/reactos/dll/cpl/desk/devsett.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/devsett.c	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -83,7 +83,7 @@
     if (str != NULL)
     {
 #ifdef UNICODE
-        wcscpy(str,
+        StringCbCopyW(str, c * sizeof(WCHAR),
                pszSrc);
 #else
         MultiByteToWideChar(CP_ACP,
@@ -556,7 +556,7 @@
     PCWSTR pszRet = NULL;
     PWSTR pszBuf;
     PCDevSettings This = impl_from_IDataObject(iface);
-
+    
     ZeroMemory(pmedium,
                sizeof(STGMEDIUM));
@@ -662,11 +662,12 @@
             pszRet = szEmpty;
pszBuf = GlobalAlloc(GPTR,
-                             (_tcslen(pszRet) + 1) * sizeof(WCHAR));
+                             (wcslen(pszRet) + 1) * sizeof(WCHAR));
         if (pszBuf != NULL)
         {
-            _tcscpy(pszBuf,
-                    pszRet);
+            hr = StringCbCopy(pszBuf, (wcslen(pszRet) + 1) * sizeof(WCHAR), pszRet);
+            if (FAILED(hr))
+                return hr;
pmedium->tymed = TYMED_HGLOBAL;
             pmedium->hGlobal = pszBuf;
Modified: trunk/reactos/dll/cpl/desk/screensaver.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/cpl/desk/screensaver.c?...
==============================================================================
--- trunk/reactos/dll/cpl/desk/screensaver.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/cpl/desk/screensaver.c	[iso-8859-1] Sun Jan 19 19:15:08 2014
@@ -333,11 +333,17 @@
     ScreenSaverItem *ScreenSaverItem;
     HANDLE           hModule;
     UINT             i, ScreenSaverCount;
+    HRESULT hr;
ScreenSaverCount = pData->ScreenSaverCount;
-    _tcscpy(szSearchPath, pszSearchPath);
-    _tcscat(szSearchPath, TEXT("\*.scr"));
+    
+    hr = StringCbCopy(szSearchPath, sizeof(szSearchPath), pszSearchPath);
+    if (FAILED(hr))
+        return;
+    hr = StringCbCat(szSearchPath, sizeof(szSearchPath), TEXT("\*.scr"));
+    if (FAILED(hr))
+        return;
hFind = FindFirstFile(szSearchPath, &fd);
@@ -351,9 +357,24 @@
         {
             TCHAR filename[MAX_PATH];
-            _tcscpy(filename, pszSearchPath);
-            _tcscat(filename, _T("\"));
-            _tcscat(filename, fd.cFileName);
+            hr = StringCbCopy(filename, sizeof(filename), pszSearchPath);
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
+            hr = StringCbCat(filename, sizeof(filename), _T("\"));
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
+            hr = StringCbCat(filename, sizeof(filename), fd.cFileName);
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
ScreenSaverItem = pData->ScreenSaverItems + ScreenSaverCount;
@@ -370,17 +391,33 @@
                           sizeof(ScreenSaverItem->szDisplayName) / sizeof(TCHAR)))
                 {
                     // If the string does not exists, copy the name of the file
-                    _tcscpy(ScreenSaverItem->szDisplayName, fd.cFileName);
+                    hr = StringCbCopy(ScreenSaverItem->szDisplayName, sizeof(ScreenSaverItem->szDisplayName), fd.cFileName);
+                    if (FAILED(hr))
+                    {
+                        FreeLibrary(hModule);
+                        FindClose(hFind);
+                        return;
+                    }
                     ScreenSaverItem->szDisplayName[_tcslen(fd.cFileName)-4] = '\0';
                 }
                 FreeLibrary(hModule);
             }
             else
             {
-               _tcscpy(ScreenSaverItem->szDisplayName, _T("Unknown"));
-            }
-
-            _tcscpy(ScreenSaverItem->szFilename, filename);
+                hr = StringCbCopy(ScreenSaverItem->szDisplayName, sizeof(ScreenSaverItem->szDisplayName), _T("Unknown"));
+                if (FAILED(hr))
+                {
+                    FindClose(hFind);
+                    return;
+                }
+            }
+
+            hr = StringCbCopy(ScreenSaverItem->szFilename, sizeof(ScreenSaverItem->szFilename), filename);
+            if (FAILED(hr))
+            {
+                FindClose(hFind);
+                return;
+            }
i = SendMessage(hwndScreenSavers,
                             CB_ADDSTRING,

    