From patchwork Sun Mar 21 03:46:27 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kristof Provost via Openvpn-devel X-Patchwork-Id: 1645 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 6MnpJ4tgV2BUUAAAIUCqbw (envelope-from ) for ; Sun, 21 Mar 2021 11:04:43 -0400 Received: from proxy18.mail.ord1d.rsapps.net ([172.30.191.6]) by director14.mail.ord1d.rsapps.net with LMTP id KPbSJ4tgV2CoQgAAeJ7fFg (envelope-from ) for ; Sun, 21 Mar 2021 11:04:43 -0400 Received: from smtp15.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy18.mail.ord1d.rsapps.net with LMTPS id cBh4J4tgV2B6TwAATCaURg (envelope-from ) for ; Sun, 21 Mar 2021 11:04:43 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp15.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=pass header.d=lists.sourceforge.net; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=rozman.si; dmarc=pass (p=none; dis=none) header.from=lists.sourceforge.net X-Suspicious-Flag: NO X-Classification-ID: c43dccb8-8a56-11eb-a620-bc305bf03694-1-1 Received: from [216.105.38.7] ([216.105.38.7:60718] helo=lists.sourceforge.net) by smtp15.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 00/7B-23666-B8067506; Sun, 21 Mar 2021 11:04:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: Reply-To:From:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:MIME-Version:References:In-Reply-To: Message-Id:Date:To:Sender:Cc:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=7YtCiHoWQXTakvGI/skZpzbLdpokXbUJkyVY1h0ns+U=; b=GMjC4gDgZ446Wh8ZNrix626Gs mSoZyUkklf/aTxQKpkc0GllK/h3MPMYw5XlIWqJNboGu9MbOWkSDrcT/ZOCRhAltiVf7nG5V5yVUE 2c5l54c2/mVGpL+TFdKowE/T/kp8CYjy1C9iKrCBDVv92BYVMoFwRTM0tpiNp5y/oywQs=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lNzcT-0003ir-8e; Sun, 21 Mar 2021 15:03:57 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNzcO-0003hl-TI for openvpn-devel@lists.sourceforge.net; Sun, 21 Mar 2021 15:03:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=JEaF/HRSKa7i8ETS/IoV8T7YC/9wvBG8PfNJqH/FQPI=; b=S7BQlPqexZoTz4jSel70hKft6L o7hujM9SjqdPi6ZdvyQdIZrVI+oWgBY3rV/UKPfhsiOOntiGswTcm8llbMGdFlauXB9L4GJ6Cp2hZ ckv8+0fRjt06aJZY4gbIzP7fVRpl+b2GHodHeLUfMBznsJi0NXdLY9dAQzK+r69W4ecc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=JEaF/HRSKa7i8ETS/IoV8T7YC/9wvBG8PfNJqH/FQPI=; b=ez7CBKQCqChAR6yH/owiSUv27h XAjNeIsBOs6DYQsAW9hjNEv5d4NOUhvSY/w5d8x0hh5RX2RG1UNyHbN67/wQhvdTXzAVtWFUNV6dU qBwCehYm/IXIU34coT3OE5GKbAjeUiZChUQvW5Xh7rGPaN8QnRhJpET+m4RfyZH0rWjs=; Received: from krn.amebis.si ([93.103.235.207]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1lNzcG-0007cD-Ly for openvpn-devel@lists.sourceforge.net; Sun, 21 Mar 2021 15:03:52 +0000 Received: by krn.amebis.si (Postfix, from userid 982) id 65E3318E878B; Sun, 21 Mar 2021 15:46:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rozman.si; s=default; t=1616338006; bh=JEaF/HRSKa7i8ETS/IoV8T7YC/9wvBG8PfNJqH/FQPI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=VdAa+tG2RMejVrcgpLemkDc2vfKdsU5GW5jUyVqiCGtnwlqPgNHN6aG9grbK/+Jtj 8yIajaVv0IxRiCLO/MIUsDrhANdU5E9WiJqE+qT3Ysd/tpBTkklpyCohqp0BQlBlfA jk6O+ppMVmAbPeWvgxR/A/PddrG1vmcN9UMhZxu8= X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on krn.amebis.doma X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Received: from SR6.amebis.doma (unknown [IPv6:2a01:260:4101:1464:8095:bdbd:413f:700f]) by krn.amebis.si (Postfix) with ESMTP id C13C718E878A; Sun, 21 Mar 2021 15:46:43 +0100 (CET) To: openvpn-devel@lists.sourceforge.net Date: Sun, 21 Mar 2021 15:46:27 +0100 Message-Id: <20210321144627.1621-5-simon@rozman.si> X-Mailer: git-send-email 2.30.0.windows.2 In-Reply-To: <20210321144627.1621-1-simon@rozman.si> References: <20210321144627.1621-1-simon@rozman.si> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rozman.si] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lNzcG-0007cD-Ly Subject: [Openvpn-devel] [PATCH 5/5] iservice: Resolve MSVC C4996 warnings X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Simon Rozman via Openvpn-devel From: Kristof Provost via Openvpn-devel Reply-To: Simon Rozman Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Lots of string functions were declared unsafe in favor of ..._s() counterparts. However, the code already is careful about the buffer size. Code analysis is just not smart enough (yet) to detect this. The code was refactored to use ..._s() variants MSVC is considering as "safe". Signed-off-by: Simon Rozman Acked-By: Arne Schwabe --- src/openvpnserv/automatic.c | 8 ++++---- src/openvpnserv/common.c | 4 ++-- src/openvpnserv/interactive.c | 2 +- src/openvpnserv/service.c | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/openvpnserv/automatic.c b/src/openvpnserv/automatic.c index 3f2ca345..0ba222a0 100644 --- a/src/openvpnserv/automatic.c +++ b/src/openvpnserv/automatic.c @@ -137,7 +137,7 @@ modext(LPTSTR dest, size_t size, LPCTSTR src, LPCTSTR newext) if (size > 0 && (_tcslen(src) + 1) <= size) { - _tcscpy(dest, src); + _tcscpy_s(dest, size, src); dest [size - 1] = TEXT('\0'); i = _tcslen(dest); while (i-- > 0) @@ -154,8 +154,8 @@ modext(LPTSTR dest, size_t size, LPCTSTR src, LPCTSTR newext) } if (_tcslen(dest) + _tcslen(newext) + 2 <= size) { - _tcscat(dest, TEXT(".")); - _tcscat(dest, newext); + _tcscat_s(dest, size, TEXT(".")); + _tcscat_s(dest, size, newext); return true; } dest[0] = TEXT('\0'); @@ -271,7 +271,7 @@ ServiceStartAutomatic(DWORD dwArgc, LPTSTR *lpszArgv) BOOL more_files; TCHAR find_string[MAX_PATH]; - openvpn_sntprintf(find_string, MAX_PATH, TEXT("%s\\*"), settings.config_dir); + openvpn_sntprintf(find_string, _countof(find_string), TEXT("%s\\*"), settings.config_dir); find_handle = FindFirstFile(find_string, &find_obj); if (find_handle == INVALID_HANDLE_VALUE) diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c index 958643df..48769be4 100644 --- a/src/openvpnserv/common.c +++ b/src/openvpnserv/common.c @@ -37,7 +37,7 @@ openvpn_vsntprintf(LPTSTR str, size_t size, LPCTSTR format, va_list arglist) int len = -1; if (size > 0) { - len = _vsntprintf(str, size, format, arglist); + len = _vsntprintf_s(str, size, _TRUNCATE, format, arglist); str[size - 1] = 0; } return (len >= 0 && (size_t)len < size); @@ -311,7 +311,7 @@ get_win_sys_path(void) if (!GetSystemDirectoryW(win_sys_path, _countof(win_sys_path))) { - wcsncpy(win_sys_path, default_sys_path, _countof(win_sys_path)); + wcscpy_s(win_sys_path, _countof(win_sys_path), default_sys_path); win_sys_path[_countof(win_sys_path) - 1] = L'\0'; } diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index b073a0d5..ed83d2a3 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -1067,7 +1067,7 @@ netsh_dns_cmd(const wchar_t *action, const wchar_t *proto, const wchar_t *if_nam if (IsWindows7OrGreater()) { - wcsncat(cmdline, L" validate=no", ncmdline - wcslen(cmdline) - 1); + wcscat_s(cmdline, ncmdline, L" validate=no"); } err = ExecCommand(argv0, cmdline, timeout); diff --git a/src/openvpnserv/service.c b/src/openvpnserv/service.c index 8efe25f9..8101f83d 100644 --- a/src/openvpnserv/service.c +++ b/src/openvpnserv/service.c @@ -61,14 +61,14 @@ CmdInstallServices() TCHAR path[512]; int i, ret = _service_max; - if (GetModuleFileName(NULL, path + 1, 510) == 0) + if (GetModuleFileName(NULL, path + 1, _countof(path) - 2) == 0) { _tprintf(TEXT("Unable to install service - %s\n"), GetLastErrorText()); return 1; } path[0] = TEXT('\"'); - _tcscat(path, TEXT("\"")); + _tcscat_s(path, _countof(path), TEXT("\"")); svc_ctl_mgr = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE); if (svc_ctl_mgr == NULL)