d32dd29e43ad0a4e2281e7866c807814dac23adf base/applications/sndvol32/dialog.c | 2 +- base/setup/lib/utils/osdetect.c | 2 +- base/setup/lib/utils/regutil.c | 4 ++-- base/setup/usetup/cmdcons.c | 2 +- base/setup/usetup/progress.c | 4 ++-- base/setup/usetup/usetup.c | 2 +- base/shell/cmd/cmdinput.c | 4 ++-- base/system/services/config.c | 9 ++++++++- dll/win32/aclui/sidcache.c | 9 ++++++++- dll/win32/advapi32/misc/hwprofiles.c | 8 ++++---- dll/win32/advapi32/reg/reg.c | 2 +- dll/win32/kernel32/client/vdm.c | 16 ++++++++++++---- dll/win32/lsasrv/lookup.c | 13 +++++++++++-- dll/win32/lsasrv/privileges.c | 4 ++-- dll/win32/msgina/gui.c | 8 ++++---- dll/win32/msv1_0/msv1_0.c | 10 ++++++++-- dll/win32/msv1_0/precomp.h | 1 + dll/win32/ntmarta/ntmarta.c | 18 ++++++++++++++++-- dll/win32/shell32/CShellLink.cpp | 14 +++++++++++--- dll/win32/shell32/folders/CPrinterFolder.cpp | 12 ++++++++++-- drivers/filesystems/fastfat_new/fatstruc.h | 1 + drivers/filesystems/npfs/main.c | 2 +- drivers/input/kbdclass/kbdclass.c | 4 ++-- drivers/input/mouclass/mouclass.c | 4 ++-- .../applications/explorer-old/shell/ntobjfs.cpp | 2 +- modules/rosapps/applications/fraginator/Unfrag.cpp | 2 +- modules/rosapps/applications/net/netreg/netreg.cpp | 6 +++--- .../rosapps/applications/net/roshttpd/include/httpd.h | 2 +- modules/rosapps/applications/notevil/notevil.c | 10 +++++----- .../applications/screensavers/cylfrac/cylfrac.c | 6 +++--- sdk/include/ddk/acpiioct.h | 2 +- sdk/include/psdk/intsafe.h | 2 ++ sdk/lib/crt/string/wtoi64.c | 4 ++-- sdk/lib/drivers/ip/network/loopback.c | 2 +- subsystems/mvdm/ntvdm/dos/dem.c | 2 +- win32ss/user/user32/windows/class.c | 2 +- 36 files changed, 134 insertions(+), 63 deletions(-) diff --git a/base/applications/sndvol32/dialog.c b/base/applications/sndvol32/dialog.c index 5a52272..6f9ec6f 100644 --- a/base/applications/sndvol32/dialog.c +++ b/base/applications/sndvol32/dialog.c 
@@ -338,7 +338,7 @@ LoadDialog( LPWORD Offset; WORD FontSize; WCHAR FontName[100]; - WORD Length; + SIZE_T Length; int width; DWORD units = GetDialogBaseUnits(); diff --git a/base/setup/lib/utils/osdetect.c b/base/setup/lib/utils/osdetect.c index d191c58..0ee246c 100644 --- a/base/setup/lib/utils/osdetect.c +++ b/base/setup/lib/utils/osdetect.c @@ -320,7 +320,7 @@ CheckForValidPEAndVendor( RtlStringCbCopyNW(VendorName->Buffer, VendorName->MaximumLength, pvData, BufLen * sizeof(WCHAR)); - VendorName->Length = wcslen(VendorName->Buffer) * sizeof(WCHAR); + VendorName->Length = (USHORT)wcslen(VendorName->Buffer) * sizeof(WCHAR); Success = TRUE; } diff --git a/base/setup/lib/utils/regutil.c b/base/setup/lib/utils/regutil.c index 60e0e9f..012acc0 100644 --- a/base/setup/lib/utils/regutil.c +++ b/base/setup/lib/utils/regutil.c @@ -78,7 +78,7 @@ CreateNestedKey(PHANDLE KeyHandle, break; } *Ptr = (WCHAR)0; - LocalKeyName.Length = wcslen(LocalKeyName.Buffer) * sizeof(WCHAR); + LocalKeyName.Length = (Ptr - LocalKeyName.Buffer) * sizeof(WCHAR); Status = NtCreateKey(&LocalKeyHandle, KEY_CREATE_SUB_KEY, @@ -110,7 +110,7 @@ CreateNestedKey(PHANDLE KeyHandle, NtClose(LocalKeyHandle); LocalKeyName.Buffer[LocalKeyName.Length / sizeof(WCHAR)] = L'\\'; - LocalKeyName.Length = wcslen(LocalKeyName.Buffer) * sizeof(WCHAR); + LocalKeyName.Length = (USHORT)wcslen(LocalKeyName.Buffer) * sizeof(WCHAR); Status = NtCreateKey(&LocalKeyHandle, KEY_ALL_ACCESS, diff --git a/base/setup/usetup/cmdcons.c b/base/setup/usetup/cmdcons.c index 0307c11..e1cd5c7 100644 --- a/base/setup/usetup/cmdcons.c +++ b/base/setup/usetup/cmdcons.c @@ -1026,7 +1026,7 @@ ReadCommand( { /* If this character insertion will cause screen scrolling, * adjust the saved origin of the command prompt. */ - tempscreen = strlen(str + current) + curx; + tempscreen = (USHORT)strlen(str + current) + curx; if ((tempscreen % State->maxx) == (State->maxx - 1) && (tempscreen / State->maxx) + cury == (State->maxy - 1)) { 
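Review bot: In `osdetect.c` the cast in `VendorName->Length = (USHORT)wcslen(VendorName->Buffer) * sizeof(WCHAR);` binds to the `wcslen` result, not to the product, so a count above 65535 is truncated silently and the byte length is narrowed a second time on assignment. Here the buffer was just filled by `RtlStringCbCopyNW` bounded by `MaximumLength`, so the value fits, and `(USHORT)(wcslen(VendorName->Buffer) * sizeof(WCHAR))` would state that intent. The same cast is applied where the hunk shows no bound on the string: `CreateNestedKey` in `regutil.c` and `advapi32/reg/reg.c`, `DoChangePassword` in `msgina/gui.c` (domain, user name and both passwords) and `ClassNameToVersion` in `user32/windows/class.c`. For those, a checked conversion that fails the call, like the `UIntPtrToUShort` test this commit adds in `msv1_0.c`, is safer than a truncating cast.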
diff --git a/base/setup/usetup/progress.c b/base/setup/usetup/progress.c index 1d095ae..aa1f81d 100644 --- a/base/setup/usetup/progress.c +++ b/base/setup/usetup/progress.c @@ -240,7 +240,7 @@ DrawProgressBar( if (Bar->UpdateProgressProc && Bar->UpdateProgressProc(Bar, TRUE, TextBuffer, ARRAYSIZE(TextBuffer))) { - coPos.X = Bar->Left + (Bar->Width - strlen(TextBuffer) + 1) / 2; + coPos.X = Bar->Left + (Bar->Width - (USHORT)strlen(TextBuffer) + 1) / 2; coPos.Y = Bar->Top; WriteConsoleOutputCharacterA(StdOutput, TextBuffer, @@ -383,7 +383,7 @@ ProgressSetStep( if (Bar->UpdateProgressProc && Bar->UpdateProgressProc(Bar, FALSE, TextBuffer, ARRAYSIZE(TextBuffer))) { - coPos.X = Bar->Left + (Bar->Width - strlen(TextBuffer) + 1) / 2; + coPos.X = Bar->Left + (Bar->Width - (USHORT)strlen(TextBuffer) + 1) / 2; coPos.Y = Bar->Top; WriteConsoleOutputCharacterA(StdOutput, TextBuffer, diff --git a/base/setup/usetup/usetup.c b/base/setup/usetup/usetup.c index cdd6a3e..8ea32e1 100644 --- a/base/setup/usetup/usetup.c +++ b/base/setup/usetup/usetup.c @@ -1890,7 +1890,7 @@ ShowPartitionSizeInputBox(SHORT Left, coPos.X = Left + 2; coPos.Y = Top + 2; strcpy(Buffer, MUIGetString(STRING_PARTITIONSIZE)); - iLeft = coPos.X + strlen(Buffer) + 1; + iLeft = coPos.X + (USHORT)strlen(Buffer) + 1; iTop = coPos.Y; WriteConsoleOutputCharacterA(StdOutput, diff --git a/base/shell/cmd/cmdinput.c b/base/shell/cmd/cmdinput.c index e609c5a..e1c7c16 100644 --- a/base/shell/cmd/cmdinput.c +++ b/base/shell/cmd/cmdinput.c @@ -96,7 +96,7 @@ * 30-Apr-2004 (Filip Navara ) * Fixed problems when the screen was scrolled away. * - * 28-September-2007 (Hervé Poussineau) + * 28-September-2007 (HervĂ© Poussineau) * Added history possibilities to right key. */ 
@@ -142,7 +142,7 @@ BOOL ReadCommand(LPTSTR str, INT maxlen) SHORT orgy; SHORT curx; /*current x/y cursor position*/ SHORT cury; - SHORT tempscreen; + SIZE_T tempscreen; INT count; /*used in some for loops*/ INT current = 0; /*the position of the cursor in the string (str)*/ INT charcount = 0;/*chars in the string (str)*/ diff --git a/base/system/services/config.c b/base/system/services/config.c index a4b809b..e7785a9 100644 --- a/base/system/services/config.c +++ b/base/system/services/config.c @@ -476,9 +476,16 @@ ScmSetServicePassword( UNICODE_STRING Password; NTSTATUS Status; DWORD dwError = ERROR_SUCCESS; + SIZE_T ServiceNameLength; RtlZeroMemory(&ObjectAttributes, sizeof(OBJECT_ATTRIBUTES)); + ServiceNameLength = wcslen(pszServiceName); + if (ServiceNameLength > (UNICODE_STRING_MAX_CHARS - 4)) + { + return ERROR_INVALID_PARAMETER; + } + Status = LsaOpenPolicy(NULL, &ObjectAttributes, POLICY_CREATE_SECRET, @@ -486,7 +493,7 @@ ScmSetServicePassword( if (!NT_SUCCESS(Status)) return RtlNtStatusToDosError(Status); - ServiceName.Length = (wcslen(pszServiceName) + 4) * sizeof(WCHAR); + ServiceName.Length = ((USHORT)ServiceNameLength + 4) * sizeof(WCHAR); ServiceName.MaximumLength = ServiceName.Length + sizeof(WCHAR); ServiceName.Buffer = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, diff --git a/dll/win32/aclui/sidcache.c b/dll/win32/aclui/sidcache.c index e68cf93..1c9c726 100644 --- a/dll/win32/aclui/sidcache.c +++ b/dll/win32/aclui/sidcache.c 
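Review bot: The new bound in `ScmSetServicePassword` is one character too loose: with `ServiceNameLength == UNICODE_STRING_MAX_CHARS - 4` (32763 if the constant is 32767 as in the NT headers), `ServiceName.Length` becomes 65534 and `ServiceName.MaximumLength = ServiceName.Length + sizeof(WCHAR)` wraps to 0 in a USHORT. The `HeapAlloc` size argument is cut off by the hunk, but if it is `MaximumLength` the buffer is then zero bytes while the name is still copied into it. Rejecting `ServiceNameLength > (UNICODE_STRING_MAX_CHARS - 5)` leaves room for the terminator. The same `Length + sizeof(WCHAR)` wrap is reachable after the `> UNICODE_STRING_MAX_CHARS` checks added in `aclui/sidcache.c` (`OpenLSAPolicyHandle`), `lsasrv/lookup.c` (`LsapCreateSid`, which allocates `MaximumLength` bytes) and both `ntmarta.c` hunks; those comparisons should be `>=`.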
@@ -176,11 +176,18 @@ OpenLSAPolicyHandle(IN LPWSTR SystemName, LSA_OBJECT_ATTRIBUTES LsaObjectAttributes = {0}; LSA_UNICODE_STRING LsaSystemName, *psn; NTSTATUS Status; + SIZE_T NameLength; if (SystemName != NULL && SystemName[0] != L'\0') { + NameLength = wcslen(SystemName); + if (NameLength > UNICODE_STRING_MAX_CHARS) + { + return FALSE; + } + LsaSystemName.Buffer = SystemName; - LsaSystemName.Length = wcslen(SystemName) * sizeof(WCHAR); + LsaSystemName.Length = NameLength * sizeof(WCHAR); LsaSystemName.MaximumLength = LsaSystemName.Length + sizeof(WCHAR); psn = &LsaSystemName; } diff --git a/dll/win32/advapi32/misc/hwprofiles.c b/dll/win32/advapi32/misc/hwprofiles.c index 980001d..88a0188 100644 --- a/dll/win32/advapi32/misc/hwprofiles.c +++ b/dll/win32/advapi32/misc/hwprofiles.c @@ -42,8 +42,8 @@ GetCurrentHwProfileA(LPHW_PROFILE_INFOA lpHwProfileInfo) lpHwProfileInfo->dwDockInfo = ProfileInfo.dwDockInfo; /* Convert the profile GUID to ANSI */ - StringU.Buffer = (PWCHAR)ProfileInfo.szHwProfileGuid; - StringU.Length = wcslen(ProfileInfo.szHwProfileGuid) * sizeof(WCHAR); + StringU.Buffer = ProfileInfo.szHwProfileGuid; + StringU.Length = (USHORT)wcslen(ProfileInfo.szHwProfileGuid) * sizeof(WCHAR); StringU.MaximumLength = HW_PROFILE_GUIDLEN * sizeof(WCHAR); StringA.Buffer = (PCHAR)&lpHwProfileInfo->szHwProfileGuid; StringA.Length = 0; @@ -58,8 +58,8 @@ GetCurrentHwProfileA(LPHW_PROFILE_INFOA lpHwProfileInfo) } /* Convert the profile name to ANSI */ - StringU.Buffer = (PWCHAR)ProfileInfo.szHwProfileName; - StringU.Length = wcslen(ProfileInfo.szHwProfileName) * sizeof(WCHAR); + StringU.Buffer = ProfileInfo.szHwProfileName; + StringU.Length = (USHORT)wcslen(ProfileInfo.szHwProfileName) * sizeof(WCHAR); StringU.MaximumLength = MAX_PROFILE_LEN * sizeof(WCHAR); StringA.Buffer = (PCHAR)&lpHwProfileInfo->szHwProfileName; StringA.Length = 0; diff --git a/dll/win32/advapi32/reg/reg.c b/dll/win32/advapi32/reg/reg.c index b3e08e1..0953a06 100644 
--- a/dll/win32/advapi32/reg/reg.c +++ b/dll/win32/advapi32/reg/reg.c @@ -961,7 +961,7 @@ CreateNestedKey(PHKEY KeyHandle, } *Ptr = (WCHAR)0; - LocalKeyName.Length = wcslen(LocalKeyName.Buffer) * sizeof(WCHAR); + LocalKeyName.Length = (USHORT)wcslen(LocalKeyName.Buffer) * sizeof(WCHAR); Status = NtCreateKey(&LocalKeyHandle, KEY_CREATE_SUB_KEY, diff --git a/dll/win32/kernel32/client/vdm.c b/dll/win32/kernel32/client/vdm.c index ff6e785..07022d8 100644 --- a/dll/win32/kernel32/client/vdm.c +++ b/dll/win32/kernel32/client/vdm.c @@ -105,7 +105,7 @@ BaseCheckVDM(IN ULONG BinaryType, PWCHAR CurrentDir = NULL; PWCHAR ShortAppName = NULL; PWCHAR ShortCurrentDir = NULL; - ULONG Length; + SIZE_T Length; PCHAR AnsiCmdLine = NULL; PCHAR AnsiAppName = NULL; PCHAR AnsiCurDirectory = NULL; @@ -283,16 +283,24 @@ BaseCheckVDM(IN ULONG BinaryType, goto Cleanup; } + /* Make sure that the command line isn't too long */ + Length = wcslen(CommandLine); + if (Length > UNICODE_STRING_MAX_CHARS - 1) + { + Status = STATUS_INVALID_PARAMETER; + goto Cleanup; + } + /* Setup the input parameters */ CheckVdm->ConsoleHandle = NtCurrentPeb()->ProcessParameters->ConsoleHandle; CheckVdm->BinaryType = BinaryType; CheckVdm->CodePage = CP_ACP; CheckVdm->dwCreationFlags = CreationFlags; CheckVdm->CurDrive = CurrentDirectory[0] - L'A'; - CheckVdm->CmdLen = wcslen(CommandLine) + 1; - CheckVdm->AppLen = wcslen(ShortAppName) + 1; + CheckVdm->CmdLen = (USHORT)Length + 1; + CheckVdm->AppLen = (USHORT)wcslen(ShortAppName) + 1; CheckVdm->PifLen = 0; // TODO: PIF file support! - CheckVdm->CurDirectoryLen = wcslen(ShortCurrentDir) + 1; + CheckVdm->CurDirectoryLen = (USHORT)wcslen(ShortCurrentDir) + 1; CheckVdm->EnvLen = AnsiEnvironment->Length; CheckVdm->DesktopLen = (StartupInfo->lpDesktop != NULL) ? (wcslen(StartupInfo->lpDesktop) + 1) : 0; CheckVdm->TitleLen = (StartupInfo->lpTitle != NULL) ? (wcslen(StartupInfo->lpTitle) + 1) : 0; 
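Review bot: In `BaseCheckVDM` (`kernel32/client/vdm.c`) only `CommandLine` is range-checked before the length fields are filled in. `AppLen` and `CurDirectoryLen` get a bare `(USHORT)` cast, and `DesktopLen` / `TitleLen` still take `wcslen(StartupInfo->lpDesktop) + 1` and `wcslen(StartupInfo->lpTitle) + 1` unchanged, although those strings come from the caller's `StartupInfo`. The field types are not visible here, but if they are 16-bit like the casts suggest, an over-long desktop or title string yields a length field smaller than the string that is presumably copied later. Applying the same test to each string before the assignments, e.g. `if (wcslen(StartupInfo->lpTitle) > UNICODE_STRING_MAX_CHARS - 1) { Status = STATUS_INVALID_PARAMETER; goto Cleanup; }`, would make the validation uniform. The function body continues outside the hunk.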
diff --git a/dll/win32/lsasrv/lookup.c b/dll/win32/lsasrv/lookup.c index f593f2b..7d39169 100644 --- a/dll/win32/lsasrv/lookup.c +++ b/dll/win32/lsasrv/lookup.c @@ -96,9 +96,18 @@ LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, PSID *SidPtr) { PWELL_KNOWN_SID SidEntry; + SIZE_T AccountNameLength, DomainNameLength; PULONG p; ULONG i; + AccountNameLength = wcslen(AccountName); + DomainNameLength = wcslen(DomainName); + if ((AccountNameLength > UNICODE_STRING_MAX_CHARS) || + (DomainNameLength > UNICODE_STRING_MAX_CHARS)) + { + return FALSE; + } + SidEntry = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WELL_KNOWN_SID)); if (SidEntry == NULL) return FALSE; @@ -126,7 +135,7 @@ LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, // RtlInitUnicodeString(&SidEntry->AccountName, // AccountName); - SidEntry->AccountName.Length = wcslen(AccountName) * sizeof(WCHAR); + SidEntry->AccountName.Length = (USHORT)AccountNameLength * sizeof(WCHAR); SidEntry->AccountName.MaximumLength = SidEntry->AccountName.Length + sizeof(WCHAR); SidEntry->AccountName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, SidEntry->AccountName.MaximumLength); @@ -142,7 +151,7 @@ LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, // RtlInitUnicodeString(&SidEntry->DomainName, // DomainName); - SidEntry->DomainName.Length = wcslen(DomainName) * sizeof(WCHAR); + SidEntry->DomainName.Length = (USHORT)DomainNameLength * sizeof(WCHAR); SidEntry->DomainName.MaximumLength = SidEntry->DomainName.Length + sizeof(WCHAR); SidEntry->DomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, SidEntry->DomainName.MaximumLength); diff --git a/dll/win32/lsasrv/privileges.c b/dll/win32/lsasrv/privileges.c index bb2b36f..5f63144 100644 --- a/dll/win32/lsasrv/privileges.c +++ b/dll/win32/lsasrv/privileges.c 
@@ -99,7 +99,7 @@ LsarpLookupPrivilegeName(PLUID Value, if (NameBuffer == NULL) return STATUS_NO_MEMORY; - NameBuffer->Length = wcslen(WellKnownPrivileges[Priv].Name) * sizeof(WCHAR); + NameBuffer->Length = (USHORT)wcslen(WellKnownPrivileges[Priv].Name) * sizeof(WCHAR); NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR); NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength); @@ -354,7 +354,7 @@ LsapLookupAccountRightName(ULONG RightValue, if (NameBuffer == NULL) return STATUS_NO_MEMORY; - NameBuffer->Length = wcslen(WellKnownRights[i].Name) * sizeof(WCHAR); + NameBuffer->Length = (USHORT)wcslen(WellKnownRights[i].Name) * sizeof(WCHAR); NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR); NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength); diff --git a/dll/win32/msgina/gui.c b/dll/win32/msgina/gui.c index 6301a19..bd3c93b 100644 --- a/dll/win32/msgina/gui.c +++ b/dll/win32/msgina/gui.c @@ -556,7 +556,7 @@ DoChangePassword( Ptr = (LPWSTR)((ULONG_PTR)RequestBuffer + sizeof(MSV1_0_CHANGEPASSWORD_REQUEST)); /* Pack the domain name */ - RequestBuffer->DomainName.Length = wcslen(Domain) * sizeof(WCHAR); + RequestBuffer->DomainName.Length = (USHORT)wcslen(Domain) * sizeof(WCHAR); RequestBuffer->DomainName.MaximumLength = RequestBuffer->DomainName.Length + sizeof(WCHAR); RequestBuffer->DomainName.Buffer = Ptr; @@ -567,7 +567,7 @@ DoChangePassword( Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->DomainName.MaximumLength); /* Pack the user name */ - RequestBuffer->AccountName.Length = wcslen(UserName) * sizeof(WCHAR); + RequestBuffer->AccountName.Length = (USHORT)wcslen(UserName) * sizeof(WCHAR); RequestBuffer->AccountName.MaximumLength = RequestBuffer->AccountName.Length + sizeof(WCHAR); RequestBuffer->AccountName.Buffer = Ptr; 
@@ -578,7 +578,7 @@ DoChangePassword( Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->AccountName.MaximumLength); /* Pack the old password */ - RequestBuffer->OldPassword.Length = wcslen(OldPassword) * sizeof(WCHAR); + RequestBuffer->OldPassword.Length = (USHORT)wcslen(OldPassword) * sizeof(WCHAR); RequestBuffer->OldPassword.MaximumLength = RequestBuffer->OldPassword.Length + sizeof(WCHAR); RequestBuffer->OldPassword.Buffer = Ptr; @@ -589,7 +589,7 @@ DoChangePassword( Ptr = (LPWSTR)((ULONG_PTR)Ptr + RequestBuffer->OldPassword.MaximumLength); /* Pack the new password */ - RequestBuffer->NewPassword.Length = wcslen(NewPassword1) * sizeof(WCHAR); + RequestBuffer->NewPassword.Length = (USHORT)wcslen(NewPassword1) * sizeof(WCHAR); RequestBuffer->NewPassword.MaximumLength = RequestBuffer->NewPassword.Length + sizeof(WCHAR); RequestBuffer->NewPassword.Buffer = Ptr; diff --git a/dll/win32/msv1_0/msv1_0.c b/dll/win32/msv1_0/msv1_0.c index 6db439c..45f184b 100644 --- a/dll/win32/msv1_0/msv1_0.c +++ b/dll/win32/msv1_0/msv1_0.c @@ -102,18 +102,24 @@ BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, PVOID ClientBaseAddress = NULL; LPWSTR Ptr; ULONG BufferLength; + USHORT ComputerNameLength; NTSTATUS Status = STATUS_SUCCESS; *ProfileBuffer = NULL; *ProfileBufferLength = 0; + if (UIntPtrToUShort(wcslen(ComputerName), &ComputerNameLength) != S_OK) + { + return STATUS_INVALID_PARAMETER; + } + BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) + UserInfo->All.FullName.Length + sizeof(WCHAR) + UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) + UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) + UserInfo->All.ScriptPath.Length + sizeof(WCHAR) + UserInfo->All.ProfilePath.Length + sizeof(WCHAR) + - ((wcslen(ComputerName) + 3) * sizeof(WCHAR)); + ((ComputerNameLength + 3) * sizeof(WCHAR)); LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength); if (LocalBuffer == NULL) 
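Review bot: In `BuildInteractiveProfileBuffer` (`msv1_0.c`) the `UIntPtrToUShort(wcslen(ComputerName), &ComputerNameLength)` test only proves the character count fits in 16 bits, while the second hunk (`@@ -204`) stores a byte count, `LocalBuffer->LogonServer.Length = (ComputerNameLength + 2) * sizeof(WCHAR);`, and `MaximumLength` adds one more WCHAR. Any name of roughly 32765 characters or more passes the check and still wraps one of those USHORT fields, leaving a descriptor that disagrees with the `BufferLength` computed from the untruncated value. A bound in characters that covers the prefix and terminator expresses the real invariant: `if (wcslen(ComputerName) > UNICODE_STRING_MAX_CHARS - 3) return STATUS_INVALID_PARAMETER;`. Computer names are normally far shorter, so this is about making the check enforce what it claims rather than a likely input.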
@@ -204,7 +210,7 @@ BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength); - LocalBuffer->LogonServer.Length = (wcslen(ComputerName) + 2) * sizeof(WCHAR); + LocalBuffer->LogonServer.Length = (ComputerNameLength + 2) * sizeof(WCHAR); LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR); LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); wcscpy(Ptr, L"\\"); diff --git a/dll/win32/msv1_0/precomp.h b/dll/win32/msv1_0/precomp.h index c414024..1428529 100644 --- a/dll/win32/msv1_0/precomp.h +++ b/dll/win32/msv1_0/precomp.h @@ -8,6 +8,7 @@ #include #include #include +#include #define NTOS_MODE_USER #include #include diff --git a/dll/win32/ntmarta/ntmarta.c b/dll/win32/ntmarta/ntmarta.c index 7eea9a8..c519fea 100644 --- a/dll/win32/ntmarta/ntmarta.c +++ b/dll/win32/ntmarta/ntmarta.c @@ -403,12 +403,19 @@ AccpOpenLSAPolicyHandle(IN LPWSTR SystemName, { LSA_OBJECT_ATTRIBUTES LsaObjectAttributes = {0}; LSA_UNICODE_STRING LsaSystemName, *psn; + SIZE_T SystemNameLength; NTSTATUS Status; if (SystemName != NULL && SystemName[0] != L'\0') { + SystemNameLength = wcslen(SystemName); + if (SystemNameLength > UNICODE_STRING_MAX_CHARS) + { + return ERROR_INVALID_PARAMETER; + } + LsaSystemName.Buffer = SystemName; - LsaSystemName.Length = wcslen(SystemName) * sizeof(WCHAR); + LsaSystemName.Length = (USHORT)SystemNameLength * sizeof(WCHAR); LsaSystemName.MaximumLength = LsaSystemName.Length + sizeof(WCHAR); psn = &LsaSystemName; } 
@@ -498,10 +505,17 @@ AccpLookupSidByName(IN LSA_HANDLE PolicyHandle, PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL; PLSA_TRANSLATED_SID2 TranslatedSid = NULL; DWORD SidLen; + SIZE_T NameLength; DWORD Ret = ERROR_SUCCESS; + NameLength = wcslen(Name); + if (NameLength > UNICODE_STRING_MAX_CHARS) + { + return ERROR_INVALID_PARAMETER; + } + LsaNames[0].Buffer = Name; - LsaNames[0].Length = wcslen(Name) * sizeof(WCHAR); + LsaNames[0].Length = (USHORT)NameLength * sizeof(WCHAR); LsaNames[0].MaximumLength = LsaNames[0].Length + sizeof(WCHAR); Status = LsaLookupNames2(PolicyHandle, diff --git a/dll/win32/shell32/CShellLink.cpp b/dll/win32/shell32/CShellLink.cpp index 2800510..8403051 100644 --- a/dll/win32/shell32/CShellLink.cpp +++ b/dll/win32/shell32/CShellLink.cpp @@ -784,16 +784,24 @@ HRESULT STDMETHODCALLTYPE CShellLink::Load(IStream *stm) */ static HRESULT Stream_WriteString(IStream* stm, LPCWSTR str) { - USHORT len = wcslen(str) + 1; // FIXME: Possible overflows? + SIZE_T length; + USHORT len; DWORD count; + length = wcslen(str) + 1; + if (length > MAXUSHORT) + { + return E_INVALIDARG; + } + + len = (USHORT)length; HRESULT hr = stm->Write(&len, sizeof(len), &count); if (FAILED(hr)) return hr; - len *= sizeof(WCHAR); + length *= sizeof(WCHAR); - hr = stm->Write(str, len, &count); + hr = stm->Write(str, (ULONG)length, &count); if (FAILED(hr)) return hr; diff --git a/dll/win32/shell32/folders/CPrinterFolder.cpp b/dll/win32/shell32/folders/CPrinterFolder.cpp index 83290cc..0f437ea 100644 --- a/dll/win32/shell32/folders/CPrinterFolder.cpp +++ b/dll/win32/shell32/folders/CPrinterFolder.cpp 
@@ -102,17 +102,25 @@ static LPITEMIDLIST _ILCreatePrinterItem(PRINTER_INFO_4W *pi) PIDLPrinterStruct * p; int size0 = (char*)&tmp.u.cprinter.szName - (char*)&tmp.u.cprinter; int size = size0; + SIZE_T cchPrinterName, cchServerName; + + cchPrinterName = wcslen(pi->pPrinterName); + cchServerName = wcslen(pi->pServerName); + if ((cchPrinterName + cchServerName) > (MAXUSHORT - 2)) + { + return NULL; + } tmp.type = 0x00; tmp.u.cprinter.dummy = 0xFF; if (pi->pPrinterName) - tmp.u.cprinter.offsServer = wcslen(pi->pPrinterName) + 1; + tmp.u.cprinter.offsServer = cchPrinterName + 1; else tmp.u.cprinter.offsServer = 1; size += tmp.u.cprinter.offsServer * sizeof(WCHAR); if (pi->pServerName) - size += (wcslen(pi->pServerName) + 1) * sizeof(WCHAR); + size += (cchServerName + 1) * sizeof(WCHAR); else size += sizeof(WCHAR); diff --git a/drivers/filesystems/fastfat_new/fatstruc.h b/drivers/filesystems/fastfat_new/fatstruc.h index edd1f28..4bf8294 100644 --- a/drivers/filesystems/fastfat_new/fatstruc.h +++ b/drivers/filesystems/fastfat_new/fatstruc.h @@ -20,6 +20,7 @@ Abstract: typedef PVOID PBCB; //**** Bcb's are now part of the cache module #ifdef __REACTOS__ +#undef __volatile #define __volatile volatile #endif diff --git a/drivers/filesystems/npfs/main.c b/drivers/filesystems/npfs/main.c index 7aeff77..13b94ba 100644 --- a/drivers/filesystems/npfs/main.c +++ b/drivers/filesystems/npfs/main.c @@ -42,7 +42,7 @@ NpReadAlias( { PNPFS_QUERY_VALUE_CONTEXT QueryContext = Context; PWSTR CurrentString; - USHORT Length; + SIZE_T Length; PNPFS_ALIAS CurrentAlias; UNICODE_STRING TempString; PUNICODE_STRING CurrentTargetName; diff --git a/drivers/input/kbdclass/kbdclass.c b/drivers/input/kbdclass/kbdclass.c index c18b0c7..6fc300a 100644 --- a/drivers/input/kbdclass/kbdclass.c +++ b/drivers/input/kbdclass/kbdclass.c 
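Review bot: In `_ILCreatePrinterItem` the new `wcslen(pi->pPrinterName)` and `wcslen(pi->pServerName)` calls run before the existing `if (pi->pPrinterName)` / `if (pi->pServerName)` tests. A NULL member, which the old code handled through the `else` branches, is therefore now dereferenced. Guard the measurements, e.g. `cchPrinterName = pi->pPrinterName ? wcslen(pi->pPrinterName) : 0;` and likewise for `cchServerName`. The `MAXUSHORT - 2` limit is in characters while `size` accumulates bytes, so a short comment naming the field the limit protects (presumably `offsServer`) would help. The function continues past the hunk.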
@@ -4,7 +4,7 @@ * FILE: drivers/kbdclass/kbdclass.c * PURPOSE: Keyboard class driver * - * PROGRAMMERS: Hervé Poussineau (hpoussin@reactos.org) + * PROGRAMMERS: HervĂ© Poussineau (hpoussin@reactos.org) */ #include "kbdclass.h" @@ -329,7 +329,7 @@ CreateClassDeviceObject( DriverExtension = IoGetDriverObjectExtension(DriverObject, DriverObject); DeviceNameU.Length = 0; DeviceNameU.MaximumLength = - wcslen(L"\\Device\\") * sizeof(WCHAR) /* "\Device\" */ + (USHORT)wcslen(L"\\Device\\") * sizeof(WCHAR) /* "\Device\" */ + DriverExtension->DeviceBaseName.Length /* "KeyboardClass" */ + 4 * sizeof(WCHAR) /* Id between 0 and 9999 */ + sizeof(UNICODE_NULL); /* Final NULL char */ diff --git a/drivers/input/mouclass/mouclass.c b/drivers/input/mouclass/mouclass.c index 8628c58..1caf535 100644 --- a/drivers/input/mouclass/mouclass.c +++ b/drivers/input/mouclass/mouclass.c @@ -4,7 +4,7 @@ * FILE: drivers/mouclass/mouclass.c * PURPOSE: Mouse class driver * - * PROGRAMMERS: Hervé Poussineau (hpoussin@reactos.org) + * PROGRAMMERS: HervĂ© Poussineau (hpoussin@reactos.org) */ #include "mouclass.h" @@ -305,7 +305,7 @@ CreateClassDeviceObject( DriverExtension = IoGetDriverObjectExtension(DriverObject, DriverObject); DeviceNameU.Length = 0; DeviceNameU.MaximumLength = - wcslen(L"\\Device\\") * sizeof(WCHAR) /* "\Device\" */ + (USHORT)wcslen(L"\\Device\\") * sizeof(WCHAR) /* "\Device\" */ + DriverExtension->DeviceBaseName.Length /* "PointerClass" */ + 4 * sizeof(WCHAR) /* Id between 0 and 9999 */ + sizeof(UNICODE_NULL); /* Final NULL char */ diff --git a/modules/rosapps/applications/explorer-old/shell/ntobjfs.cpp b/modules/rosapps/applications/explorer-old/shell/ntobjfs.cpp index ee6fd12..fa75e06 100644 --- a/modules/rosapps/applications/explorer-old/shell/ntobjfs.cpp +++ b/modules/rosapps/applications/explorer-old/shell/ntobjfs.cpp 
@@ -140,7 +140,7 @@ struct UnicodeString : public RtlUnicodeString { UnicodeString(size_t len, LPWSTR buffer) { - alloc_len = len; + alloc_len = (WORD)len; string_ptr = buffer; } diff --git a/modules/rosapps/applications/fraginator/Unfrag.cpp b/modules/rosapps/applications/fraginator/Unfrag.cpp index 0675021..4ea5a97 100644 --- a/modules/rosapps/applications/fraginator/Unfrag.cpp +++ b/modules/rosapps/applications/fraginator/Unfrag.cpp @@ -233,7 +233,7 @@ extern "C" int wmain (int argc, wchar_t **argv) // Now set back to the beginning ScreenInfo.dwCursorPosition.X = 0; - ScreenInfo.dwCursorPosition.Y -= Drives.size(); + ScreenInfo.dwCursorPosition.Y -= (USHORT)Drives.size(); SetConsoleCursorPosition (Screen, ScreenInfo.dwCursorPosition); for (size_t d = 0; d < Drives.size (); d++) diff --git a/modules/rosapps/applications/net/netreg/netreg.cpp b/modules/rosapps/applications/net/netreg/netreg.cpp index 35f0221..3814587 100644 --- a/modules/rosapps/applications/net/netreg/netreg.cpp +++ b/modules/rosapps/applications/net/netreg/netreg.cpp @@ -182,10 +182,10 @@ private: } string present_value( DWORD type, const char *data, DWORD len ) { - switch( type ) { - default: + //switch( type ) { + //default: return bindump( data, len ); - } + //} } void process_valid_request( HKEY open_reg_key, string key_name ) { diff --git a/modules/rosapps/applications/net/roshttpd/include/httpd.h b/modules/rosapps/applications/net/roshttpd/include/httpd.h index ff85940..41a273f 100644 --- a/modules/rosapps/applications/net/roshttpd/include/httpd.h +++ b/modules/rosapps/applications/net/roshttpd/include/httpd.h @@ -67,7 +67,7 @@ public: virtual BOOL Stop(); virtual LPCServerClientSocket OnGetSocket(LPCServerSocket lpServerSocket); virtual LPCServerClientThread OnGetThread(LPCServerClientSocket Socket); - virtual void OnAccept(const LPCServerClientThread lpThread); + virtual void OnAccept(LPCServerClientThread lpThread); private: HTTPdState State; }; 
diff --git a/modules/rosapps/applications/notevil/notevil.c b/modules/rosapps/applications/notevil/notevil.c index 8c9cdce..1859d93 100644 --- a/modules/rosapps/applications/notevil/notevil.c +++ b/modules/rosapps/applications/notevil/notevil.c @@ -44,25 +44,25 @@ WriteStringAt(LPWSTR lpString, WORD wColor) { DWORD cWritten = 0; - WORD wLen; + DWORD dwLen; if (!lpString || *lpString == 0) return; - wLen = wcslen(lpString); + dwLen = (DWORD)wcslen(lpString); /* Don't bother writing text when erasing */ if (wColor) { WriteConsoleOutputCharacterW(ScreenBuffer, lpString, - wLen, + dwLen, xy, &cWritten); } FillConsoleOutputAttribute(ScreenBuffer, wColor, - wLen, + dwLen, xy, &cWritten); } @@ -103,7 +103,7 @@ DisplayTitle(VOID) LPWSTR szTitle = L"ReactOS Coders Console Parade"; COORD xy; - xy.X = (ScreenBufferInfo.dwSize.X - wcslen(szTitle)) / 2; + xy.X = (ScreenBufferInfo.dwSize.X - (USHORT)wcslen(szTitle)) / 2; xy.Y = ScreenBufferInfo.dwSize.Y / 2; WriteStringAt(szTitle, xy, diff --git a/modules/rosapps/applications/screensavers/cylfrac/cylfrac.c b/modules/rosapps/applications/screensavers/cylfrac/cylfrac.c index be0bb41..d2f2326 100644 --- a/modules/rosapps/applications/screensavers/cylfrac/cylfrac.c +++ b/modules/rosapps/applications/screensavers/cylfrac/cylfrac.c @@ -106,8 +106,8 @@ void DrawScene(HWND hwnd, HDC dc, int ticks) angle += ticks * 0.01; colorh += ticks * 0.003; if (colorh > 360.0) colorh -= 360.0; - HLStoRGB(colorh, 1.0, 0.7, &rval, &gval, &bval); - DrawCylinder(lvls, angle, 0.2); + HLStoRGB(colorh, 1.0f, 0.7f, &rval, &gval, &bval); + DrawCylinder(lvls, angle, 0.2f); SwapBuffers(dc); EndPaint(hwnd, &ps); } @@ -134,7 +134,7 @@ void MyPixelFormat(HDC dc) void InitGL(HWND hwnd) { - GLfloat lightpos[4] = {2.0, 2.0, -2.0, 0.7}; + GLfloat lightpos[4] = {2.0f, 2.0f, -2.0f, 0.7f}; GLfloat ca = 1.0; dc = GetDC(hwnd); MyPixelFormat(dc); diff --git a/sdk/include/ddk/acpiioct.h b/sdk/include/ddk/acpiioct.h index 9468d5a..e064ded 100644 
--- a/sdk/include/ddk/acpiioct.h +++ b/sdk/include/ddk/acpiioct.h @@ -159,7 +159,7 @@ typedef ACPI_ENUM_CHILDREN_OUTPUT_BUFFER UNALIGNED *PACPI_ENUM_CHILDREN_OUTPUT_B #define ACPI_METHOD_SET_ARGUMENT_STRING( Argument, StrData ) \ { Argument->Type = ACPI_METHOD_ARGUMENT_STRING; \ - Argument->DataLength = strlen((PCHAR)StrData) + sizeof(UCHAR); \ + Argument->DataLength = (USHORT)strlen((PCHAR)StrData) + sizeof(UCHAR); \ RtlCopyMemory(&Argument->Data[0],(PUCHAR)StrData,Argument->DataLength); } #define ACPI_METHOD_SET_ARGUMENT_BUFFER( Argument, BuffData, BuffLength ) \ diff --git a/sdk/include/psdk/intsafe.h b/sdk/include/psdk/intsafe.h index e30cb11..b9748a7 100644 --- a/sdk/include/psdk/intsafe.h +++ b/sdk/include/psdk/intsafe.h @@ -54,9 +54,11 @@ typedef _Return_type_success_(return >= 0) long NTSTATUS; #ifndef _HRESULT_DEFINED typedef _Return_type_success_(return >= 0) long HRESULT; #endif +#ifndef SUCCEEDED #define SUCCEEDED(hr) (((HRESULT)(hr)) >= 0) #define FAILED(hr) (((HRESULT)(hr)) < 0) #define S_OK ((HRESULT)0L) +#endif #define INTSAFE_RESULT HRESULT #define INTSAFE_SUCCESS S_OK #define INTSAFE_E_ARITHMETIC_OVERFLOW ((HRESULT)0x80070216L) diff --git a/sdk/lib/crt/string/wtoi64.c b/sdk/lib/crt/string/wtoi64.c index 94684fa..a377ecf 100644 --- a/sdk/lib/crt/string/wtoi64.c +++ b/sdk/lib/crt/string/wtoi64.c @@ -6,7 +6,7 @@ */ __int64 CDECL _wtoi64_l(const wchar_t *str, _locale_t locale) { - ULONGLONG RunningTotal = 0; + LONGLONG RunningTotal = 0; BOOL bMinus = FALSE; while (iswctype((int)*str, _SPACE)) { @@ -191,7 +191,7 @@ unsigned __int64 CDECL _wcstoui64_l(const wchar_t *nptr, if(endptr) *endptr = (wchar_t*)nptr; - return negative ? -ret : ret; + return negative ? -(__int64)ret : ret; } /********************************************************************* diff --git a/sdk/lib/drivers/ip/network/loopback.c b/sdk/lib/drivers/ip/network/loopback.c index c859ac7..815abeb 100644 --- a/sdk/lib/drivers/ip/network/loopback.c 
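Review bot: In `wtoi64.c`, `return negative ? -(__int64)ret : ret;` in `_wcstoui64_l` replaces well-defined unsigned negation with a signed one. Converting a `ret` above the signed maximum is implementation-defined, and negating the most negative value is signed overflow. `return negative ? 0 - ret : ret;` keeps the arithmetic unsigned and should also avoid the unary-minus-on-unsigned warning the cast was presumably added for. Changing `RunningTotal` in `_wtoi64_l` from `ULONGLONG` to `LONGLONG` likewise turns accumulator overflow on a long digit string from a defined wrap into undefined behaviour. The accumulation loop is outside the hunk, so confirm it saturates or range-checks before relying on the signed type.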
+++ b/sdk/lib/drivers/ip/network/loopback.c @@ -124,7 +124,7 @@ NDIS_STATUS LoopRegisterAdapter( Loopback->Name.Buffer = L"Loopback"; Loopback->Name.MaximumLength = Loopback->Name.Length = - wcslen(Loopback->Name.Buffer) * sizeof(WCHAR); + (USHORT)wcslen(Loopback->Name.Buffer) * sizeof(WCHAR); AddrInitIPv4(&Loopback->Unicast, LOOPBACK_ADDRESS_IPv4); AddrInitIPv4(&Loopback->Netmask, LOOPBACK_ADDRMASK_IPv4); diff --git a/subsystems/mvdm/ntvdm/dos/dem.c b/subsystems/mvdm/ntvdm/dos/dem.c index d1edc10..dcb7817 100644 --- a/subsystems/mvdm/ntvdm/dos/dem.c +++ b/subsystems/mvdm/ntvdm/dos/dem.c @@ -1131,7 +1131,7 @@ static VOID WINAPI DosInitialize(LPWORD Stack) /* Get the DOS BIOS file name (NULL-terminated) */ // FIXME: Isn't it possible to use some DS:SI instead?? LPCSTR DosBiosFileName = (LPCSTR)SEG_OFF_TO_PTR(getCS(), getIP()); - setIP(getIP() + strlen(DosBiosFileName) + 1); // Skip it + setIP(getIP() + (USHORT)strlen(DosBiosFileName) + 1); // Skip it DPRINT("DosInitialize('%s')\n", DosBiosFileName); diff --git a/win32ss/user/user32/windows/class.c b/win32ss/user/user32/windows/class.c index 0acf11b..3602c2c 100644 --- a/win32ss/user/user32/windows/class.c +++ b/win32ss/user/user32/windows/class.c @@ -111,7 +111,7 @@ ClassNameToVersion( ERR("Couldn't get atom name for atom %x !\n", LOWORD((DWORD_PTR)lpszClass)); return NULL; } - SectionName.Length = wcslen(SectionNameBuf) * sizeof(WCHAR); + SectionName.Length = (USHORT)wcslen(SectionNameBuf) * sizeof(WCHAR); TRACE("ClassNameToVersion got name %wZ from atom\n", &SectionName); } else