Closed HashidaTKS closed 2 months ago
コード ファイル 行 列 lstrcpynW(szSelPath, pFileDlg->GetPathName(), MAX_PATH); C:\gitdir\Chronos\client_handler.cpp 864 5 lstrcpynW(szSelPath, pFileDlg->GetPathName(), MAX_PATH); C:\gitdir\Chronos\BroView.cpp 1485 5 lstrcpynW(szSelFolderPath, pFileDlg->GetPathName(), MAX_PATH); C:\gitdir\Chronos\BroView.cpp 1487 5 lstrcpynW(szSelFolderPath, pFileDlg->GetPathName(), MAX_PATH); C:\gitdir\Chronos\client_handler.cpp 867 5 lstrcpyn(values.szFullPath, fullPath, 512); C:\gitdir\Chronos\client_handler.cpp 942 5 lstrcpyn(m_szTextTip, strRet, _countof(m_szTextTip) - 1); C:\gitdir\Chronos\CTabWnd.cpp 822 6 lstrcpyn(szName, strTempTitle, _countof(szName) - 1); C:\gitdir\Chronos\CTabWnd.cpp 1072 5 lstrcpy(item->pszText, m_strTemp); C:\gitdir\Chronos\DlgDebugWnd.cpp 496 6 lstrcpyn(szFolder, strFileFullPath, MAX_PATH * 2); C:\gitdir\Chronos\DlgDL.h 36 5 lstrcpyn(szPath, m_AppSettings.GetRootPath(), MAX_PATH); C:\gitdir\Chronos\Sazabi.cpp 403 4 lstrcpyn(m_FrmWndClassName, strFrmWndClass, 512); C:\gitdir\Chronos\Sazabi.cpp 798 3 lstrcpy(FrmWndClassName, strFndWndChk); C:\gitdir\Chronos\Sazabi.cpp 1357 3 lstrcpyn(FrmWndClassName, strFrmWndClass, 255); C:\gitdir\Chronos\Sazabi.cpp 2448 5 lstrcpyn(szPath, strParam, MAX_PATH); C:\gitdir\Chronos\Sazabi.h 636 4 lstrcpyn(pVal, strVal, iSize); C:\gitdir\Chronos\sbcommon.h 1895 5 lstrcpyn(lpWideString, src, size); C:\gitdir\Chronos\sbcommon.h 2912 5 lstrcpyn(szFolder, strFileName, MAX_PATH * 2); C:\gitdir\Chronos\sbcommon.h 4040 7
lstrcpy family functions like lstcpyn are potentially unsecure: https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-lstrcpynw.
lstrcpy
lstcpyn
We should use StringCchCopy instead.
PR is merged.
HashidaTKS
commented
2 months ago HashidaTKS
commented
2 months ago
lstrcpyfamily functions likelstcpynare potentially unsecure: https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-lstrcpynw.We should use StringCchCopy instead.