Am 21.03.21 um 17:37 schrieb Simon Rozman:
> Hi,
>
>>> -73,14 +73,13 @@ find_function(const WCHAR *libname, const char
>> *funcname, HMODULE *m)
>>> return NULL;
>>> }
>>>
>>> -size_t len = _countof(libpath) - wcslen(libpath) - 1;
>>> -if (len < wcslen(libname) + 1)
>>> +i
Hi,
> > -73,14 +73,13 @@ find_function(const WCHAR *libname, const char
> *funcname, HMODULE *m)
> > return NULL;
> > }
> >
> > -size_t len = _countof(libpath) - wcslen(libpath) - 1;
> > -if (len < wcslen(libname) + 1)
> > +if (wcslen(libpath) + 1 /*\*/ + wcslen(libname) >
Am 21.03.21 um 15:46 schrieb Simon Rozman via Openvpn-devel:
> wcsncat() was declared unsafe in favour of wcsncat_s(). However, the
> string concatenation follows the string length check, making wcsncat()
> safe too. Code analysis is just not smart enough (yet) to detect this.
>
> The code was ref
wcsncat() was declared unsafe in favour of wcsncat_s(). However, the
string concatenation follows the string length check, making wcsncat()
safe too. Code analysis is just not smart enough (yet) to detect this.
The code was refactored to use wcscat_s() MSVC is considering as "safe".
Signed-off-by
