Open mgradwohl opened 7 years ago
Note that in MyStatusBar.cpp I fixed a potential buffer overrun. The new code is:
```cpp
// the 80 below comes from the declaration of pTTTW->szText
if (pNMHDR->code == TTN_NEEDTEXTW)
    wcsncpy_s(pTTTW->szText, 80, szTip, _TRUNCATE);
```
There has got to be a better way instead of just "80" in case the size of that changes.
In CWiseFile::GetSize64 we use wsprintf with `Ix`. This is a 64-bit hex number on 64-bit OSes, 32-bit hex on 32-bit OSes.

The docs for wsprintf recommend against using wsprintf:

> **Security Considerations**
>
> Using this function incorrectly can compromise the security of your application. The string returned in lpOut is not guaranteed to be null-terminated. Also, avoid the %s format -- it can lead to a buffer overrun. If an access violation occurs it causes a denial of service against your application. In the worst case, an attacker can inject executable code. Consider using one of the following alternatives: StringCbPrintf, StringCbPrintfEx, StringCbVPrintf, StringCbVPrintfEx, StringCchPrintf, StringCchPrintfEx, StringCchVPrintf, or StringCchVPrintfEx.
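The two points above (sizing the copy from the declaration instead of a literal 80, and formatting a 64-bit value into a bounded buffer without wsprintf) in a portable C example; this is added illustration, not code from the project. `COUNT_OF` stands in for the Windows `_countof()`/`ARRAYSIZE()` macro, `copy_truncate` mimics `wcsncpy_s(..., _TRUNCATE)`, the `TooltipText` struct is a constructed mirror of the 80-element `szText` field, and `swprintf` with an explicit 64-bit conversion plays the role StringCchPrintfW would on Windows.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <wchar.h>

/* Portable stand-in for _countof()/ARRAYSIZE(): element count of a real array (not a pointer). */
#define COUNT_OF(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed mirror of TOOLTIPTEXTW::szText; the size lives in one place only. */
typedef struct {
    wchar_t szText[80];
} TooltipText;

/* Truncating copy that always NUL-terminates, like wcsncpy_s(dst, count, src, _TRUNCATE).
   Returns true if the whole source fit, false if it was cut short. */
bool copy_truncate(wchar_t *dst, size_t dst_count, const wchar_t *src)
{
    size_t i = 0;
    if (dst_count == 0)
        return false;
    for (; i + 1 < dst_count && src[i] != L'\0'; ++i)
        dst[i] = src[i];
    dst[i] = L'\0';
    return src[i] == L'\0';
}

/* Fill the tooltip text; the bound is derived from the declaration, so a
   change to szText's size cannot silently desynchronise from a literal 80. */
bool set_tooltip_text(TooltipText *ptttw, const wchar_t *szTip)
{
    return copy_truncate(ptttw->szText, COUNT_OF(ptttw->szText), szTip);
}

/* Format a 64-bit size as hex on every platform (explicit 64-bit conversion rather
   than the pointer-width Ix) into a bounded buffer. Unlike wsprintf, swprintf is told
   the buffer size and fails instead of overrunning. Returns characters written, or -1
   if the value did not fit (buffer is then left as an empty, terminated string). */
int format_size_hex(wchar_t *out, size_t out_count, uint64_t size)
{
    int n = swprintf(out, out_count, L"%llx", (unsigned long long)size);
    if (n < 0 || (size_t)n >= out_count) {
        if (out_count)
            out[0] = L'\0';
        return -1;
    }
    return n;
}
```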