Merge pull request #5689 from akallabeth/cleanups

Cleanups

channels/audin/client/alsa/audin_alsa.c

@@ -91,6 +91,7 @@ static BOOL audin_alsa_set_params(AudinALSADevice* alsa,
                                   snd_pcm_t* capture_handle)
 {
 	int error;
+	SSIZE_T s;
 	UINT32 channels = alsa->aformat.nChannels;
 	snd_pcm_hw_params_t* hw_params;
 	snd_pcm_format_t format = audin_alsa_format(alsa->aformat.wFormatTag, alsa->aformat.wBitsPerSample);
@@ -113,8 +114,13 @@ static BOOL audin_alsa_set_params(AudinALSADevice* alsa,
 	snd_pcm_hw_params(capture_handle, hw_params);
 	snd_pcm_hw_params_free(hw_params);
 	snd_pcm_prepare(capture_handle);
-	alsa->aformat.nChannels = channels;
-	alsa->bytes_per_frame = snd_pcm_format_size(format, 1) * channels;
+	if (channels > UINT16_MAX)
+		return FALSE;
+	s = snd_pcm_format_size(format, 1);
+	if ((s < 0) || (s > UINT16_MAX))
+		return FALSE;
+	alsa->aformat.nChannels = (UINT16)channels;
+	alsa->bytes_per_frame = (size_t)s * channels;
 	return TRUE;
 }
 

channels/client/addin.c

@@ -163,10 +163,10 @@ static FREERDP_ADDIN** freerdp_channels_list_dynamic_addins(LPCSTR pszName, LPCS
 	size_t cchInstallPrefix;
 	FREERDP_ADDIN** ppAddins;
 	WIN32_FIND_DATAA FindData;
-	cchAddinPath = strlen(pszAddinPath);
-	cchInstallPrefix = strlen(pszInstallPrefix);
+	cchAddinPath = strnlen(pszAddinPath, sizeof(FREERDP_ADDIN_PATH));
+	cchInstallPrefix = strnlen(pszInstallPrefix, sizeof(FREERDP_INSTALL_PREFIX));
 	pszExtension = PathGetSharedLibraryExtensionA(0);
-	cchPattern = 128 + strlen(pszExtension) + 2;
+	cchPattern = 128 + strnlen(pszExtension, MAX_PATH) + 2;
 	pszPattern = (LPSTR) malloc(cchPattern + 1);
 
 	if (!pszPattern)
@@ -196,7 +196,7 @@ static FREERDP_ADDIN** freerdp_channels_list_dynamic_addins(LPCSTR pszName, LPCS
 		          pszExtension);
 	}
 
-	cchPattern = strlen(pszPattern);
+	cchPattern = strnlen(pszPattern, cchPattern);
 	cchSearchPath = cchInstallPrefix + cchAddinPath + cchPattern + 3;
 	pszSearchPath = (LPSTR) malloc(cchSearchPath + 1);
 

channels/cliprdr/cliprdr_common.c

@@ -216,7 +216,7 @@ wStream* cliprdr_packet_format_list_new(const CLIPRDR_FORMAT_LIST* formatList, B
 			if (asciiNames)
 			{
 				if (szFormatName)
-					formatNameLength = strlen(szFormatName);
+					formatNameLength = strnlen(szFormatName, 32);
 
 				if (formatNameLength > 31)
 					formatNameLength = 31;

channels/cliprdr/server/cliprdr_main.c

@@ -545,7 +545,7 @@ static UINT cliprdr_server_receive_temporary_directory(CliprdrServerContext*
 		return ERROR_INVALID_DATA;
 	}
 
-	length = strlen(cliprdr->temporaryDirectory);
+	length = strnlen(cliprdr->temporaryDirectory, 520);
 
 	if (length > 519)
 		length = 519;

channels/printer/client/printer_main.c

@@ -130,7 +130,9 @@ static BOOL printer_write_setting(const char* path, prn_conf_t type, const void*
 		if (!base64)
 			goto fail;
 
-		b64len = strlen(base64);
+		/* base64 char represents 6bit -> 4*(n/3) is the length which is
+		 * always smaller than 2*n */
+		b64len = strnlen(base64, 2 * length);
 		rc = WriteFile(file, base64, b64len, &written, NULL);
 
 		if (b64len != written)

channels/rdp2tcp/client/rdp2tcp_main.c

@@ -300,7 +300,7 @@ BOOL VCAPITYPE VirtualChannelEntryEx(PCHANNEL_ENTRY_POINTS pEntryPoints, PVOID p
 	if (init_external_addin(plugin) < 0)
 		return FALSE;
 
-	strcpy(channelDef.name, RDP2TCP_CHAN_NAME);
+	strncpy(channelDef.name, RDP2TCP_CHAN_NAME, sizeof(channelDef.name));
 	channelDef.options =
 	    CHANNEL_OPTION_INITIALIZED |
 	    CHANNEL_OPTION_ENCRYPT_RDP |

channels/remdesk/client/remdesk_main.c

@@ -192,7 +192,7 @@ static UINT remdesk_write_channel_header(wStream* s,
 		ChannelNameW[index] = (WCHAR) header->ChannelName[index];
 	}
 
-	ChannelNameLen = (strlen(header->ChannelName) + 1) * 2;
+	ChannelNameLen = (strnlen(header->ChannelName, sizeof(header->ChannelName)) + 1) * 2;
 	Stream_Write_UINT32(s, ChannelNameLen); /* ChannelNameLen (4 bytes) */
 	Stream_Write_UINT32(s, header->DataLength); /* DataLen (4 bytes) */
 	Stream_Write(s, ChannelNameW, ChannelNameLen); /* ChannelName (variable) */

channels/remdesk/server/remdesk_main.c

@@ -116,7 +116,7 @@ static UINT remdesk_write_channel_header(wStream* s,
 		ChannelNameW[index] = (WCHAR) header->ChannelName[index];
 	}
 
-	ChannelNameLen = (strlen(header->ChannelName) + 1) * 2;
+	ChannelNameLen = (strnlen(header->ChannelName, sizeof(header->ChannelName)) + 1) * 2;
 	Stream_Write_UINT32(s, ChannelNameLen); /* ChannelNameLen (4 bytes) */
 	Stream_Write_UINT32(s, header->DataLength); /* DataLen (4 bytes) */
 	Stream_Write(s, ChannelNameW, ChannelNameLen); /* ChannelName (variable) */

channels/serial/client/serial_main.c

@@ -825,7 +825,7 @@ UINT DeviceServiceEntry(PDEVICE_SERVICE_ENTRY_POINTS pEntryPoints)
 	char* driver;
 	RDPDR_SERIAL* device;
 #if defined __linux__ && !defined ANDROID
-	int i, len;
+	size_t i, len;
 	SERIAL_DEVICE* serial;
 #endif /* __linux__ */
 	UINT error = CHANNEL_RC_OK;

channels/tsmf/client/tsmf_media.c

@@ -491,7 +491,7 @@ static BOOL tsmf_sample_playback_video(TSMF_SAMPLE* sample)
 			fwrite("P5\n", 1, 3, fp);
 			sprintf_s(buf, sizeof(buf), "%"PRIu32" %"PRIu32"\n", sample->stream->width,
 			          sample->stream->height);
-			fwrite(buf, 1, strlen(buf), fp);
+			fwrite(buf, 1, strnlen(buf, sizeof(buf)), fp);
 			fwrite("255\n", 1, 4, fp);
 			fwrite(sample->data, 1, sample->stream->width * sample->stream->height, fp);
 			fflush(fp);

client/X11/xf_client.c

@@ -532,7 +532,8 @@ static char* xf_window_get_title(rdpSettings* settings)
 		return _strdup(settings->WindowTitle);
 
 	port = (settings->ServerPort != 3389);
-	size = strlen(name) + 16;
+	/* Just assume a window title is never longer than a filename... */
+	size = strnlen(name, MAX_PATH) + 16;
 	windowTitle = calloc(size, sizeof(char));
 
 	if (!windowTitle)

client/X11/xf_floatbar.c

@@ -392,8 +392,8 @@ static void xf_floatbar_event_expose(xfFloatbar* floatbar, XEvent* event)
 	/* draw an border for the floatbar */
 	XSetForeground(display, gc, xf_floatbar_get_color(floatbar, FLOATBAR_COLOR_BORDER));
 	XDrawLines(display, floatbar->handle, gc, border, 5, CoordModeOrigin);
-	/* draw the host name connected to */
-	len = strlen(floatbar->title);
+	/* draw the host name connected to (limit to maximum file name) */
+	len = strnlen(floatbar->title, MAX_PATH);
 	XSetForeground(display, gc, xf_floatbar_get_color(floatbar, FLOATBAR_COLOR_FOREGROUND));
 	XDrawString(display, floatbar->handle, gc, floatbar->width / 2 - len * 2, 15,
 	            floatbar->title, len);

client/X11/xf_window.c

@@ -107,7 +107,7 @@ typedef struct _PropMotifWmHints PropMotifWmHints;
 
 static void xf_SetWindowTitleText(xfContext* xfc, Window window, const char* name)
 {
-	const size_t i = strlen(name);
+	const size_t i = strnlen(name, MAX_PATH);
 	XStoreName(xfc->display, window, name);
 	Atom wm_Name = xfc->_NET_WM_NAME;
 	Atom utf8Str = xfc->UTF8_STRING;

client/common/cmdline.c

@@ -207,23 +207,29 @@ BOOL freerdp_client_print_buildconfig(void)
 	return TRUE;
 }
 
-static char* print_token(char* text, int start_offset, int* current, int limit,
+static char* print_token(char* text, size_t start_offset, size_t* current, size_t limit,
                          const char delimiter)
 {
-	int len = (int)strlen(text);
+    int rc;
+    size_t len = strlen(text);
 
 	if (*current < start_offset)
-		*current += printf("%*c", (start_offset - *current), ' ');
+	{
+		rc = printf("%*c", (int)(start_offset - *current), ' ');
+		if (rc < 0)
+			return NULL;
+		*current += (size_t)rc;
+	}
 
 	if (*current + len > limit)
 	{
-		int x;
+		size_t x;
 
 		for (x = MIN(len, limit - start_offset); x > 1; x--)
 		{
 			if (text[x] == delimiter)
 			{
-				printf("%.*s\n", x, text);
+				printf("%.*s\n", (int)x, text);
 				*current = 0;
 				return &text[x];
 			}
@@ -232,11 +238,14 @@ static char* print_token(char* text, int start_offset, int* current, int limit,
 		return NULL;
 	}
 
-	*current += printf("%s", text);
+	rc = printf("%s", text);
+	if (rc < 0)
+		return NULL;
+	*current += (size_t)rc;
 	return NULL;
 }
 
-static int print_optionals(const char* text, int start_offset, int current)
+static size_t print_optionals(const char* text, size_t start_offset, size_t current)
 {
 	const size_t limit = 80;
 	char* str = _strdup(text);
@@ -249,7 +258,7 @@ static int print_optionals(const char* text, int start_offset, int current)
 	return current;
 }
 
-static int print_description(const char* text, int start_offset, int current)
+static size_t print_description(const char* text, size_t start_offset, size_t current)
 {
 	const size_t limit = 80;
 	char* str = _strdup(text);
@@ -273,13 +282,18 @@ static void freerdp_client_print_command_line_args(COMMAND_LINE_ARGUMENT_A* arg)
 
 	do
 	{
-		int pos = 0;
-		const int description_offset = 30 + 8;
+		int rc;
+		size_t pos = 0;
+		const size_t description_offset = 30 + 8;
 
 		if (arg->Flags & COMMAND_LINE_VALUE_BOOL)
-			pos += printf("    %s%s", arg->Default ? "-" : "+", arg->Name);
+			rc = printf("    %s%s", arg->Default ? "-" : "+", arg->Name);
 		else
-			pos += printf("    /%s", arg->Name);
+			rc = printf("    /%s", arg->Name);
+
+		if (rc < 0)
+			return;
+		pos += (size_t)rc;
 
 		if ((arg->Flags & COMMAND_LINE_VALUE_REQUIRED)
 		    || (arg->Flags & COMMAND_LINE_VALUE_OPTIONAL))
@@ -288,13 +302,22 @@ static void freerdp_client_print_command_line_args(COMMAND_LINE_ARGUMENT_A* arg)
 			{
 				if (arg->Flags & COMMAND_LINE_VALUE_OPTIONAL)
 				{
-					pos += printf("[:");
+					rc = printf("[:");
+					if (rc < 0)
+						return;
+					pos += (size_t)rc;
 					pos = print_optionals(arg->Format, pos, pos);
-					pos += printf("]");
+					rc = printf("]");
+					if (rc < 0)
+						return;
+					pos += (size_t)rc;
 				}
 				else
 				{
-					pos += printf(":");
+					rc = printf(":");
+					if (rc < 0)
+						return;
+					pos += (size_t)rc;
 					pos = print_optionals(arg->Format, pos, pos);
 				}
 
@@ -306,10 +329,18 @@ static void freerdp_client_print_command_line_args(COMMAND_LINE_ARGUMENT_A* arg)
 			}
 		}
 
-		pos += printf("%*c", (description_offset - pos), ' ');
+		rc = printf("%*c", (int)(description_offset - pos), ' ');
+		if (rc < 0)
+			return;
+		pos += (size_t)rc;
 
 		if (arg->Flags & COMMAND_LINE_VALUE_BOOL)
-			pos += printf("%s ", arg->Default ? "Disable" : "Enable");
+		{
+			rc = printf("%s ", arg->Default ? "Disable" : "Enable");
+			if (rc < 0)
+				return;
+			pos += (size_t)rc;
+		}
 
 		print_description(arg->Text, description_offset, pos);
 	}
@@ -426,7 +457,7 @@ static int freerdp_client_command_line_pre_filter(void* context, int index,
 }
 
 
-BOOL freerdp_client_add_device_channel(rdpSettings* settings, int count,
+BOOL freerdp_client_add_device_channel(rdpSettings* settings, size_t count,
                                        char** params)
 {
 	if (strcmp(params[0], "drive") == 0)
@@ -642,13 +673,13 @@ BOOL freerdp_client_add_device_channel(rdpSettings* settings, int count,
 	return FALSE;
 }
 
-BOOL freerdp_client_add_static_channel(rdpSettings* settings, int count,
+BOOL freerdp_client_add_static_channel(rdpSettings* settings, size_t count,
                                        char** params)
 {
 	int index;
 	ADDIN_ARGV* args;
 
-	if (!settings || !params || !params[0] || (count < 0))
+	if (!settings || !params || !params[0] || (count > INT_MAX))
 		return FALSE;
 
 	if (freerdp_static_channel_collection_find(settings, params[0]))
@@ -659,7 +690,7 @@ BOOL freerdp_client_add_static_channel(rdpSettings* settings, int count,
 	if (!args)
 		return FALSE;
 
-	args->argc = count;
+	args->argc = (int)count;
 	args->argv = (char**) calloc((size_t)args->argc, sizeof(char*));
 
 	if (!args->argv)
@@ -694,13 +725,13 @@ error_argv:
 	return FALSE;
 }
 
-BOOL freerdp_client_add_dynamic_channel(rdpSettings* settings, int count,
+BOOL freerdp_client_add_dynamic_channel(rdpSettings* settings, size_t count,
                                         char** params)
 {
 	int index;
 	ADDIN_ARGV* args;
 
-	if (!settings || !params || !params[0] || (count < 0))
+	if (!settings || !params || !params[0] || (count > INT_MAX))
 		return FALSE;
 
 	if (freerdp_dynamic_channel_collection_find(settings, params[0]))
@@ -711,7 +742,7 @@ BOOL freerdp_client_add_dynamic_channel(rdpSettings* settings, int count,
 	if (!args)
 		return FALSE;
 
-	args->argc = count;
+	args->argc = (int)count;
 	args->argv = (char**) calloc((size_t)args->argc, sizeof(char*));
 
 	if (!args->argv)
@@ -1190,7 +1221,7 @@ int freerdp_map_keyboard_layout_name_to_id(char* name)
 	for (i = 0; layouts[i].code; i++)
 	{
 		if (_stricmp(layouts[i].name, name) == 0)
-			id = layouts[i].code;
+			id = (int)layouts[i].code;
 	}
 
 	freerdp_keyboard_layouts_free(layouts);
@@ -1206,7 +1237,7 @@ int freerdp_map_keyboard_layout_name_to_id(char* name)
 	for (i = 0; layouts[i].code; i++)
 	{
 		if (_stricmp(layouts[i].name, name) == 0)
-			id = layouts[i].code;
+			id = (int)layouts[i].code;
 	}
 
 	freerdp_keyboard_layouts_free(layouts);
@@ -1222,7 +1253,7 @@ int freerdp_map_keyboard_layout_name_to_id(char* name)
 	for (i = 0; layouts[i].code; i++)
 	{
 		if (_stricmp(layouts[i].name, name) == 0)
-			id = layouts[i].code;
+			id = (int)layouts[i].code;
 	}
 
 	freerdp_keyboard_layouts_free(layouts);
@@ -3450,7 +3481,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->MultiTouchInput)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "rdpei";
 
@@ -3461,7 +3492,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportGraphicsPipeline)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "rdpgfx";
 
@@ -3472,7 +3503,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportEchoChannel)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "echo";
 
@@ -3483,7 +3514,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportSSHAgentChannel)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "sshagent";
 
@@ -3494,7 +3525,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportDisplayControl)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "disp";
 
@@ -3505,7 +3536,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportGeometryTracking)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "geometry";
 
@@ -3516,7 +3547,7 @@ BOOL freerdp_client_load_addins(rdpChannels* channels, rdpSettings* settings)
 	if (settings->SupportVideoOptimized)
 	{
 		char* p[1];
-		int count;
+		size_t count;
 		count = 1;
 		p[0] = "video";
 

client/common/test/TestClientRdpFile.c

@@ -2,6 +2,8 @@
 #include <stdio.h>
 #include <winpr/crt.h>
 #include <winpr/windows.h>
+#include <winpr/path.h>
+#include <winpr/crypto.h>
 
 #include <freerdp/client/file.h>
 
@@ -261,6 +263,32 @@ static char testRdpFileUTF8[] =
     "vendor integer:i:123\n"
     "vendor string:s:microsoft\n";
 
+static char* append(const char* fmt, ...)
+{
+	int rc;
+	char* dst;
+	va_list ap;
+
+	va_start(ap, fmt);
+	rc = vsnprintf(NULL, 0, fmt, ap);
+	va_end(ap);
+	if (rc < 0)
+		return NULL;
+	dst = malloc((size_t)rc + 1);
+	if (!dst)
+		return NULL;
+
+	va_start(ap, fmt);
+	rc = vsnprintf(dst, (size_t)rc + 1, fmt, ap);
+	va_end(ap);
+	if (rc < 0)
+	{
+		free(dst);
+		return NULL;
+	}
+	return dst;
+}
+
 int TestClientRdpFile(int argc, char* argv[])
 {
 	int rc = -1;
@@ -268,11 +296,16 @@ int TestClientRdpFile(int argc, char* argv[])
 	const char* sValue;
 	char* utfname = NULL;
 	char* uniname = NULL;
+	char* base = NULL;
+	char* tmp = NULL;
+	UINT64 id;
 	rdpFile* file;
 	rdpSettings* settings;
 
 	WINPR_UNUSED(argc);
 	WINPR_UNUSED(argv);
+	winpr_RAND((BYTE*)&id, sizeof(id));
+
 	/* Unicode */
 	file = freerdp_client_rdp_file_new();
 	settings = freerdp_settings_new(0);
@@ -409,8 +442,17 @@ int TestClientRdpFile(int argc, char* argv[])
 
 	freerdp_client_rdp_file_free(file);
 
-	utfname = _strdup(tmpnam(NULL));
-	uniname = _strdup(tmpnam(NULL));
+	tmp = GetKnownPath(KNOWN_PATH_TEMP);
+	if (!tmp)
+		goto fail;
+
+	base = append("%s/rdp-file-test-%"PRIx64, tmp, id);
+	if (!base)
+		goto fail;
+	if (!CreateDirectoryA(base, NULL))
+		goto fail;
+	utfname = append("%s/utfname", base);
+	uniname = append("%s/uniname", base);
 	file = freerdp_client_rdp_file_new();
 	if (!file || !utfname || !uniname)
 		goto fail;
@@ -430,8 +472,12 @@ fail:
 		DeleteFileA(utfname);
 	if (uniname)
 		DeleteFileA(uniname);
+	if (base)
+		RemoveDirectoryA(base);
 	free(utfname);
 	free(uniname);
+	free(base);
+	free(tmp);
 	freerdp_client_rdp_file_free(file);
 	freerdp_settings_free(settings);
 	return rc;

include/freerdp/client/cmdline.h

@@ -48,9 +48,9 @@ FREERDP_API BOOL freerdp_parse_username(const char* username, char** user, char*
 FREERDP_API BOOL freerdp_parse_hostname(const char* hostname, char** host, int* port);
 FREERDP_API BOOL freerdp_set_connection_type(rdpSettings* settings, UINT32 type);
 
-FREERDP_API BOOL freerdp_client_add_device_channel(rdpSettings* settings, int count, char** params);
-FREERDP_API BOOL freerdp_client_add_static_channel(rdpSettings* settings, int count, char** params);
-FREERDP_API BOOL freerdp_client_add_dynamic_channel(rdpSettings* settings, int count,
+FREERDP_API BOOL freerdp_client_add_device_channel(rdpSettings* settings, size_t count, char** params);
+FREERDP_API BOOL freerdp_client_add_static_channel(rdpSettings* settings, size_t count, char** params);
+FREERDP_API BOOL freerdp_client_add_dynamic_channel(rdpSettings* settings, size_t count,
         char** params);
 
 #ifdef __cplusplus

libfreerdp/common/addin.c

@@ -241,12 +241,16 @@ PVIRTUALCHANNELENTRY freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName,
 	const size_t cchBaseFileName = sizeof(FREERDP_SHARED_LIBRARY_PREFIX) + 32;
 	LPCSTR pszExtension;
 	LPCSTR pszPrefix = FREERDP_SHARED_LIBRARY_PREFIX;
+	const size_t nameLen = strnlen(pszName, MAX_PATH);
+	const size_t subsystemLen = strnlen(pszSubsystem, MAX_PATH);
+	const size_t typeLen = strlen(pszType);
+	size_t extensionLen;
 	pszExtension = PathGetSharedLibraryExtensionA(0);
+	extensionLen = strnlen(pszExtension, MAX_PATH);
 
 	if (pszName && pszSubsystem && pszType)
 	{
-		const size_t cchFileName = cchBaseFileName + strlen(pszName) + strlen(pszSubsystem) + strlen(
-		                               pszType) + strlen(pszExtension);
+		const size_t cchFileName = cchBaseFileName + nameLen + subsystemLen + typeLen + extensionLen;
 		pszFileName = (LPSTR) malloc(cchFileName);
 
 		if (!pszFileName)
@@ -257,8 +261,7 @@ PVIRTUALCHANNELENTRY freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName,
 	}
 	else if (pszName && pszSubsystem)
 	{
-		const size_t cchFileName = cchBaseFileName + strlen(pszName) + strlen(pszSubsystem) + strlen(
-		                               pszExtension);
+		const size_t cchFileName = cchBaseFileName + nameLen + subsystemLen + extensionLen;
 		pszFileName = (LPSTR) malloc(cchFileName);
 
 		if (!pszFileName)
@@ -269,7 +272,7 @@ PVIRTUALCHANNELENTRY freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName,
 	}
 	else if (pszName)
 	{
-		const size_t cchFileName = cchBaseFileName + strlen(pszName) + strlen(pszExtension);
+		const size_t cchFileName = cchBaseFileName + nameLen + extensionLen;
 		pszFileName = (LPSTR) malloc(cchFileName);
 
 		if (!pszFileName)
@@ -288,7 +291,7 @@ PVIRTUALCHANNELENTRY freerdp_load_dynamic_channel_addin_entry(LPCSTR pszName,
 		LPSTR pszEntryName;
 		size_t cchEntryName;
 		/* subsystem add-in */
-		cchEntryName = 64 + strlen(pszName);
+		cchEntryName = 64 + nameLen;
 		pszEntryName = (LPSTR) malloc(cchEntryName + 1);
 
 		if (!pszEntryName)

libfreerdp/common/settings.c

@@ -98,7 +98,7 @@ int freerdp_addin_set_argument_value(ADDIN_ARGV* args, char* option, char* value
 	int i;
 	char* p;
 	char* str;
-	int length;
+	size_t length;
 	char** new_argv;
 	length = strlen(option) + strlen(value) + 1;
 	str = (char*) malloc(length + 1);
@@ -142,7 +142,7 @@ int freerdp_addin_replace_argument_value(ADDIN_ARGV* args, char* previous, char*
 {
 	int i;
 	char* str;
-	int length;
+	size_t length;
 	char** new_argv;
 	length = strlen(option) + strlen(value) + 1;
 	str = (char*) malloc(length + 1);

libfreerdp/core/client.c

@@ -261,12 +261,12 @@ UINT freerdp_channels_attach(freerdp* instance)
 	UINT error = CHANNEL_RC_OK;
 	int index;
 	char* hostname;
-	int hostnameLength;
+	size_t hostnameLength;
 	rdpChannels* channels;
 	CHANNEL_CLIENT_DATA* pChannelClientData;
 	channels = instance->context->channels;
 	hostname = instance->settings->ServerHostname;
-	hostnameLength = (int) strlen(hostname);
+	hostnameLength = strlen(hostname);
 
 	for (index = 0; index < channels->clientDataCount; index++)
 	{
@@ -304,12 +304,12 @@ UINT freerdp_channels_detach(freerdp* instance)
 	UINT error = CHANNEL_RC_OK;
 	int index;
 	char* hostname;
-	int hostnameLength;
+	size_t hostnameLength;
 	rdpChannels* channels;
 	CHANNEL_CLIENT_DATA* pChannelClientData;
 	channels = instance->context->channels;
 	hostname = instance->settings->ServerHostname;
-	hostnameLength = (int) strlen(hostname);
+	hostnameLength = strlen(hostname);
 
 	for (index = 0; index < channels->clientDataCount; index++)
 	{

libfreerdp/core/gateway/http.c

@@ -91,7 +91,7 @@ static char* string_strnstr(char* str1, const char* str2, size_t slen)
 
 	if ((c = *str2++) != '\0')
 	{
-		len = strlen(str2);
+		len = strnlen(str2, slen + 1);
 
 		do
 		{

libfreerdp/core/gateway/rdg.c

@@ -239,12 +239,12 @@ static BOOL rdg_write_packet(rdpRdg* rdg, wStream* sPacket)
 	wStream* sChunk;
 	char chunkSize[11];
 	sprintf_s(chunkSize, sizeof(chunkSize), "%"PRIXz"\r\n", Stream_Length(sPacket));
-	sChunk = Stream_New(NULL, strlen(chunkSize) + Stream_Length(sPacket) + 2);
+	sChunk = Stream_New(NULL, strnlen(chunkSize, sizeof(chunkSize)) + Stream_Length(sPacket) + 2);
 
 	if (!sChunk)
 		return FALSE;
 
-	Stream_Write(sChunk, chunkSize, strlen(chunkSize));
+	Stream_Write(sChunk, chunkSize, strnlen(chunkSize, sizeof(chunkSize)));
 	Stream_Write(sChunk, Stream_Buffer(sPacket), Stream_Length(sPacket));
 	Stream_Write(sChunk, "\r\n", 2);
 	Stream_SealLength(sChunk);
@@ -1217,12 +1217,12 @@ static int rdg_write_data_packet(rdpRdg* rdg, const BYTE* buf, int isize)
 		return 0;
 
 	sprintf_s(chunkSize, sizeof(chunkSize), "%"PRIxz"\r\n", packetSize);
-	sChunk = Stream_New(NULL, strlen(chunkSize) + packetSize + 2);
+	sChunk = Stream_New(NULL, strnlen(chunkSize, sizeof(chunkSize)) + packetSize + 2);
 
 	if (!sChunk)
 		return -1;
 
-	Stream_Write(sChunk, chunkSize, strlen(chunkSize));
+	Stream_Write(sChunk, chunkSize, strnlen(chunkSize, sizeof(chunkSize)));
 	Stream_Write_UINT16(sChunk, PKT_TYPE_DATA);   /* Type */
 	Stream_Write_UINT16(sChunk, 0);   /* Reserved */
 	Stream_Write_UINT32(sChunk, (UINT32)packetSize);   /* Packet length */

libfreerdp/core/mcs.h

@@ -32,8 +32,8 @@ typedef struct rdp_mcs rdpMcs;
 
 #include <winpr/stream.h>
 
-#define MCS_BASE_CHANNEL_ID	1001
-#define MCS_GLOBAL_CHANNEL_ID	1003
+#define MCS_BASE_CHANNEL_ID 1001
+#define MCS_GLOBAL_CHANNEL_ID 1003
 
 enum MCS_Result
 {
@@ -149,19 +149,18 @@ struct rdp_mcs
 	rdpMcsChannel* channels;
 };
 
-#define MCS_SEND_DATA_HEADER_MAX_LENGTH		8
+#define MCS_SEND_DATA_HEADER_MAX_LENGTH 8
 
-#define MCS_TYPE_CONNECT_INITIAL		0x65
-#define MCS_TYPE_CONNECT_RESPONSE		0x66
+#define MCS_TYPE_CONNECT_INITIAL 0x65
+#define MCS_TYPE_CONNECT_RESPONSE 0x66
 
-FREERDP_LOCAL BOOL mcs_merge_domain_parameters(DomainParameters*
-        targetParameters, DomainParameters* minimumParameters,
-        DomainParameters* maximumParameters, DomainParameters* pOutParameters);
+FREERDP_LOCAL BOOL mcs_merge_domain_parameters(DomainParameters* targetParameters,
+                                               DomainParameters* minimumParameters,
+                                               DomainParameters* maximumParameters,
+                                               DomainParameters* pOutParameters);
 
-FREERDP_LOCAL BOOL mcs_write_connect_initial(wStream* s, rdpMcs* mcs,
-        wStream* userData);
-FREERDP_LOCAL BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs,
-        wStream* userData);
+FREERDP_LOCAL BOOL mcs_write_connect_initial(wStream* s, rdpMcs* mcs, wStream* userData);
+FREERDP_LOCAL BOOL mcs_write_connect_response(wStream* s, rdpMcs* mcs, wStream* userData);
 
 FREERDP_LOCAL BOOL mcs_recv_connect_initial(rdpMcs* mcs, wStream* s);
 FREERDP_LOCAL BOOL mcs_send_connect_initial(rdpMcs* mcs);
@@ -173,19 +172,16 @@ FREERDP_LOCAL BOOL mcs_recv_attach_user_request(rdpMcs* mcs, wStream* s);
 FREERDP_LOCAL BOOL mcs_send_attach_user_request(rdpMcs* mcs);
 FREERDP_LOCAL BOOL mcs_recv_attach_user_confirm(rdpMcs* mcs, wStream* s);
 FREERDP_LOCAL BOOL mcs_send_attach_user_confirm(rdpMcs* mcs);
-FREERDP_LOCAL BOOL mcs_recv_channel_join_request(rdpMcs* mcs, wStream* s,
-        UINT16* channelId);
+FREERDP_LOCAL BOOL mcs_recv_channel_join_request(rdpMcs* mcs, wStream* s, UINT16* channelId);
 FREERDP_LOCAL BOOL mcs_send_channel_join_request(rdpMcs* mcs, UINT16 channelId);
-FREERDP_LOCAL BOOL mcs_recv_channel_join_confirm(rdpMcs* mcs, wStream* s,
-        UINT16* channelId);
+FREERDP_LOCAL BOOL mcs_recv_channel_join_confirm(rdpMcs* mcs, wStream* s, UINT16* channelId);
 FREERDP_LOCAL BOOL mcs_send_channel_join_confirm(rdpMcs* mcs, UINT16 channelId);
-FREERDP_LOCAL BOOL mcs_recv_disconnect_provider_ultimatum(rdpMcs* mcs,
-        wStream* s, int* reason);
+FREERDP_LOCAL BOOL mcs_recv_disconnect_provider_ultimatum(rdpMcs* mcs, wStream* s, int* reason);
 FREERDP_LOCAL BOOL mcs_send_disconnect_provider_ultimatum(rdpMcs* mcs);
-FREERDP_LOCAL BOOL mcs_read_domain_mcspdu_header(wStream* s,
-        enum DomainMCSPDU* domainMCSPDU, UINT16* length);
-FREERDP_LOCAL void mcs_write_domain_mcspdu_header(wStream* s,
-        enum DomainMCSPDU domainMCSPDU, UINT16 length, BYTE options);
+FREERDP_LOCAL BOOL mcs_read_domain_mcspdu_header(wStream* s, enum DomainMCSPDU* domainMCSPDU,
+                                                 UINT16* length);
+FREERDP_LOCAL void mcs_write_domain_mcspdu_header(wStream* s, enum DomainMCSPDU domainMCSPDU,
+                                                  UINT16 length, BYTE options);
 
 FREERDP_LOCAL BOOL mcs_client_begin(rdpMcs* mcs);
 

libfreerdp/core/nego.c

@@ -711,11 +711,12 @@ static BOOL nego_read_request_token_or_cookie(rdpNego* nego, wStream* s)
 	size_t pos, len;
 	BOOL result = FALSE;
 	BOOL isToken = FALSE;
+	size_t remain = Stream_GetRemainingLength(s);
 	str = Stream_Pointer(s);
 	pos = Stream_GetPosition(s);
 
 	/* minimum length for token is 15 */
-	if (Stream_GetRemainingLength(s) < 15)
+	if (remain < 15)
 		return TRUE;
 
 	if (memcmp(Stream_Pointer(s), "Cookie: mstshash=", 17) != 0)
@@ -725,13 +726,13 @@ static BOOL nego_read_request_token_or_cookie(rdpNego* nego, wStream* s)
 	else
 	{
 		/* not a token, minimum length for cookie is 19 */
-		if (Stream_GetRemainingLength(s) < 19)
+		if (remain < 19)
 			return TRUE;
 
 		Stream_Seek(s, 17);
 	}
 
-	while (Stream_GetRemainingLength(s) >= 2)
+	while ((remain = Stream_GetRemainingLength(s)) >= 2)
 	{
 		Stream_Read_UINT16(s, crlf);
 
@@ -745,9 +746,10 @@ static BOOL nego_read_request_token_or_cookie(rdpNego* nego, wStream* s)
 	{
 		Stream_Rewind(s, 2);
 		len = Stream_GetPosition(s) - pos;
+		remain = Stream_GetRemainingLength(s);
 		Stream_Write_UINT16(s, 0);
 
-		if (strlen((char*)str) == len)
+		if (strnlen((char*)str, len) == len)
 		{
 			if (isToken)
 				result = nego_set_routing_token(nego, str, len);

libfreerdp/core/peer.c

@@ -48,7 +48,7 @@ static HANDLE freerdp_peer_virtual_channel_open(freerdp_peer* client, const char
 	if (flags & WTS_CHANNEL_OPTION_DYNAMIC)
 		return NULL; /* not yet supported */
 
-	length = strlen(name);
+	length = strnlen(name, 9);
 
 	if (length > 8)
 		return NULL; /* SVC maximum name length is 8 */

libfreerdp/core/proxy.c

@@ -406,7 +406,7 @@ static BOOL http_proxy_connect(BIO* bufferedBio, const char* hostname, UINT16 po
 	Stream_Write(s, " HTTP/1.1" CRLF "Host: ", 17);
 	Stream_Write(s, hostname, strlen(hostname));
 	Stream_Write_UINT8(s, ':');
-	Stream_Write(s, port_str, strlen(port_str));
+	Stream_Write(s, port_str, strnlen(port_str, sizeof (port_str)));
 	Stream_Write(s, CRLF CRLF, 4);
 	status = BIO_write(bufferedBio, Stream_Buffer(s), Stream_GetPosition(s));
 
@@ -468,7 +468,7 @@ static BOOL http_proxy_connect(BIO* bufferedBio, const char* hostname, UINT16 po
 	*eol = '\0';
 	WLog_INFO(TAG, "HTTP Proxy: %s", recv_buf);
 
-	if (strlen(recv_buf) < 12)
+	if (strnlen(recv_buf, sizeof(recv_buf)) < 12)
 	{
 		return FALSE;
 	}

libfreerdp/core/server.c

@@ -352,11 +352,11 @@ static void wts_write_drdynvc_header(wStream* s, BYTE Cmd, UINT32 ChannelId)
 static BOOL wts_write_drdynvc_create_request(wStream* s, UINT32 ChannelId,
         const char* ChannelName)
 {
-	UINT32 len;
+	size_t len;
 	wts_write_drdynvc_header(s, CREATE_REQUEST_PDU, ChannelId);
-	len = strlen(ChannelName) + 1;
+	len = strnlen(ChannelName, CHANNEL_NAME_LEN) + 1;
 
-	if (!Stream_EnsureRemainingCapacity(s, (int) len))
+	if (!Stream_EnsureRemainingCapacity(s, len))
 		return FALSE;
 
 	Stream_Write(s, ChannelName, len);
@@ -524,7 +524,7 @@ static rdpMcsChannel* wts_get_joined_channel_by_name(rdpMcs* mcs,
 {
 	UINT32 index;
 
-	if (!mcs || !channel_name || !strlen(channel_name))
+	if (!mcs || !channel_name || !strnlen(channel_name, CHANNEL_NAME_LEN))
 		return NULL;
 
 	for (index = 0; index < mcs->channelCount; index++)
@@ -532,7 +532,7 @@ static rdpMcsChannel* wts_get_joined_channel_by_name(rdpMcs* mcs,
 		if (mcs->channels[index].joined)
 		{
 			if (_strnicmp(mcs->channels[index].Name, channel_name,
-			              strlen(channel_name)) == 0)
+						  strnlen(channel_name, CHANNEL_NAME_LEN)) == 0)
 				return &mcs->channels[index];
 		}
 	}
@@ -990,7 +990,7 @@ BOOL WINAPI FreeRDP_WTSWaitSystemEvent(HANDLE hServer, DWORD EventMask,
 HANDLE WINAPI FreeRDP_WTSVirtualChannelOpen(HANDLE hServer, DWORD SessionId,
         LPSTR pVirtualName)
 {
-	int length;
+	size_t length;
 	UINT32 index;
 	rdpMcs* mcs;
 	BOOL joined = FALSE;

libfreerdp/core/test/TestConnect.c

@@ -184,7 +184,7 @@ static int testSuccess(int port)
 		NULL
 	};
 	char* commandLine = NULL;
-	int commandLineLen;
+	size_t commandLineLen;
 	int argc = 4;
 	char* path = NULL;
 	char* wpath = NULL;

libfreerdp/crypto/certificate.c

@@ -705,14 +705,14 @@ rdpCertificateData* certificate_data_new(const char* hostname, UINT16 port, cons
 	certdata->hostname = _strdup(hostname);
 
 	if (subject)
-		certdata->subject = crypto_base64_encode((BYTE*)subject, strlen(subject));
+		certdata->subject = crypto_base64_encode((const BYTE*)subject, strlen(subject));
 	else
-		certdata->subject = crypto_base64_encode((BYTE*)"", 0);
+		certdata->subject = crypto_base64_encode((const BYTE*)"", 0);
 
 	if (issuer)
-		certdata->issuer = crypto_base64_encode((BYTE*)issuer, strlen(issuer));
+		certdata->issuer = crypto_base64_encode((const BYTE*)issuer, strlen(issuer));
 	else
-		certdata->issuer = crypto_base64_encode((BYTE*)"", 0);
+		certdata->issuer = crypto_base64_encode((const BYTE*)"", 0);
 
 	certdata->fingerprint = _strdup(fingerprint);
 

libfreerdp/crypto/crypto.c

@@ -449,7 +449,7 @@ static void string_list_allocate(string_list* list, int allocate_count)
 {
 	if (!list->strings && list->allocated == 0)
 	{
-		list->strings = calloc(allocate_count, sizeof(list->strings[0]));
+		list->strings = calloc((size_t)allocate_count, sizeof(char*));
 		list->allocated = list->strings ? allocate_count : -1;
 		list->count = 0;
 	}

libfreerdp/crypto/test/TestBase64.c

@@ -26,7 +26,7 @@ struct Encode64test
 	const char* output;
 };
 
-struct Encode64test encodeTests[] =
+static const struct Encode64test encodeTests[] =
 {
 	{"\x00", 			1, "AA=="},
 	{"\x00\x00", 		2, "AAA="},
@@ -39,7 +39,6 @@ struct Encode64test encodeTests[] =
 	{NULL, -1, NULL},  /*  /!\ last one  /!\ */
 };
 
-
 int TestBase64(int argc, char* argv[])
 {
 	int i, testNb = 0;

libfreerdp/crypto/test/TestKnownHosts.c

@@ -25,13 +25,13 @@
 
 static int prepare(const char* currentFileV2, const char* legacyFileV2, const char* legacyFile)
 {
-	char* legacy[] =
+	const char* legacy[] =
 	{
 		"someurl ff:11:22:dd\r\n",
 		"otherurl aa:bb:cc:dd\r",
 		"legacyurl aa:bb:cc:dd\n"
 	};
-	char* hosts[] =
+	const char* hosts[] =
 	{
 		"#somecomment\r\n"
 		"someurl 3389 ff:11:22:dd subject issuer\r\n"
@@ -51,7 +51,7 @@ static int prepare(const char* currentFileV2, const char* legacyFileV2, const ch
 	if (!fl)
 		goto finish;
 
-	for (i = 0; i < sizeof(hosts) / sizeof(hosts[0]); i++)
+	for (i = 0; i < ARRAYSIZE(hosts); i++)
 	{
 		if (fwrite(hosts[i], strlen(hosts[i]), 1, fl) != 1 ||
 		    fwrite(hosts[i], strlen(hosts[i]), 1, fc) != 1)
@@ -67,7 +67,7 @@ static int prepare(const char* currentFileV2, const char* legacyFileV2, const ch
 	if (!fl)
 		goto finish;
 
-	for (i = 0; i < sizeof(legacy) / sizeof(legacy[0]); i++)
+	for (i = 0; i < ARRAYSIZE(legacy); i++)
 	{
 		if (fwrite(legacy[i], strlen(legacy[i]), 1, fl) != 1)
 			goto finish;

libfreerdp/crypto/test/Test_x509_cert_info.c

@@ -13,13 +13,13 @@ typedef struct
 	const char* expected_result;
 } certificate_test_t;
 
-char*   crypto_cert_subject_common_name_wo_length(X509* xcert)
+static char*   crypto_cert_subject_common_name_wo_length(X509* xcert)
 {
 	int length;
 	return crypto_cert_subject_common_name(xcert, & length);
 }
 
-char* certificate_path()
+static char* certificate_path(void)
 {
 	/*
 	Assume the .pem file is in the same directory as this source file.
@@ -31,15 +31,19 @@ char* certificate_path()
 #else
 	static const char dirsep = '/';
 #endif
-	static const char* filename = "Test_x509_cert_info.pem";
+	static const char filename[] = "Test_x509_cert_info.pem";
 	const char* file = __FILE__;
 	const char* last_dirsep = strrchr(file, dirsep);
 
 	if (last_dirsep)
 	{
-		char* result = malloc(last_dirsep - file + 1 + strlen(filename) + 1);
-		strncpy(result, file, (last_dirsep - file + 1));
-		strcpy(result + (last_dirsep - file + 1), filename);
+		const size_t filenameLen = strnlen(filename, sizeof(filename));
+		const size_t dirsepLen = last_dirsep - file + 1;
+		char* result = malloc(dirsepLen + filenameLen + 1);
+		if (!result)
+			return NULL;
+		strncpy(result, file, dirsepLen);
+		strncpy(result + dirsepLen, filename, filenameLen + 1);
 		return result;
 	}
 	else
@@ -49,7 +53,7 @@ char* certificate_path()
 	}
 }
 
-const certificate_test_t certificate_tests[] =
+static const certificate_test_t certificate_tests[] =
 {
 
 	{
@@ -98,7 +102,7 @@ const certificate_test_t certificate_tests[] =
 
 
 
-int TestCertificateFile(const char* certificate_path, const certificate_test_t* certificate_tests,
+static int TestCertificateFile(const char* certificate_path, const certificate_test_t* certificate_tests,
                         int count)
 {
 	X509*   certificate;

libfreerdp/crypto/tls.c

@@ -213,7 +213,7 @@ static int bio_rdp_tls_read(BIO* bio, char* buf, int size)
 
 static int bio_rdp_tls_puts(BIO* bio, const char* str)
 {
-	int size;
+	size_t size;
 	int status;
 
 	if (!str)

libfreerdp/gdi/test/TestGdiRop3.c

@@ -95,11 +95,11 @@
 
 static char* gdi_convert_postfix_to_infix(const char* postfix)
 {
-	int i;
-	int length;
+	size_t i;
+	size_t length;
 	BOOL unary;
 	wStack* stack;
-	int al, bl, cl, dl;
+	size_t al, bl, cl, dl;
 	char* a, *b, *c, *d;
 	bl = cl = dl = 0;
 	stack = Stack_New(FALSE);

libfreerdp/locale/keyboard_xkbfile.c

@@ -435,7 +435,7 @@ int freerdp_keyboard_load_map_from_xkbfile(void* display, DWORD x11_keycode_to_r
 				found = FALSE;
 				CopyMemory(xkb_keyname, xkb->names->keys[i].name, 4);
 
-				if (strlen(xkb_keyname) < 1)
+				if (strnlen(xkb_keyname, sizeof(xkb_keyname)) < 1)
 					continue;
 
 				for (j = 0; j < ARRAYSIZE(XKB_KEY_NAME_SCANCODE_TABLE); j++)

rdtk/librdtk/rdtk_font.c

@@ -107,8 +107,8 @@ static int rdtk_font_draw_glyph(rdtkSurface* surface, int nXDst, int nYDst, rdtk
 int rdtk_font_draw_text(rdtkSurface* surface, int nXDst, int nYDst, rdtkFont* font,
                         const char* text)
 {
-	int index;
-	int length;
+	size_t index;
+	size_t length;
 	rdtkGlyph* glyph;
 	font = surface->engine->font;
 	length = strlen(text);
@@ -125,8 +125,8 @@ int rdtk_font_draw_text(rdtkSurface* surface, int nXDst, int nYDst, rdtkFont* fo
 
 int rdtk_font_text_draw_size(rdtkFont* font, int* width, int* height, const char* text)
 {
-	int index;
-	int length;
+	size_t index;
+	size_t length;
 	int glyphIndex;
 	rdtkGlyph* glyph;
 	*width = 0;
@@ -201,7 +201,7 @@ static char* rdtk_font_load_descriptor_file(const char* filename, int* pSize)
 
 static int rdtk_font_convert_descriptor_code_to_utf8(const char* str, BYTE* utf8)
 {
-	int len = strlen(str);
+	size_t len = strlen(str);
 	*((UINT32*) utf8) = 0;
 
 	if (len < 1)
@@ -587,7 +587,7 @@ static int rdtk_font_load_descriptor(rdtkFont* font, const char* filename)
 rdtkFont* rdtk_font_new(rdtkEngine* engine, const char* path, const char* file)
 {
 	int status;
-	int length;
+	size_t length;
 	rdtkFont* font = NULL;
 	char* fontBaseFile = NULL;
 	char* fontImageFile = NULL;

server/proxy/pf_server.c

@@ -61,7 +61,7 @@ static BOOL pf_server_parse_target_from_routing_token(rdpContext* context,
 #define ROUTING_TOKEN_PREFIX "Cookie: msts="
 	char* colon;
 	size_t len;
-	const size_t prefix_len  = strlen(ROUTING_TOKEN_PREFIX);
+	const size_t prefix_len  = strnlen(ROUTING_TOKEN_PREFIX, sizeof(ROUTING_TOKEN_PREFIX));
 	DWORD routing_token_length;
 	const char* routing_token = freerdp_nego_get_routing_token(context, &routing_token_length);
 

server/shadow/shadow_server.c

@@ -69,7 +69,7 @@ static COMMAND_LINE_ARGUMENT_A shadow_args[] =
 static int shadow_server_print_command_line_help(int argc, char** argv)
 {
 	char* str;
-	int length;
+	size_t length;
 	COMMAND_LINE_ARGUMENT_A* arg;
 
 	if (argc < 1)
@@ -98,7 +98,7 @@ static int shadow_server_print_command_line_help(int argc, char** argv)
 
 			if (arg->Format)
 			{
-				length = (int)(strlen(arg->Name) + strlen(arg->Format) + 2);
+				length = (strlen(arg->Name) + strlen(arg->Format) + 2);
 				str = (char*) malloc(length + 1);
 
 				if (!str)
@@ -117,7 +117,7 @@ static int shadow_server_print_command_line_help(int argc, char** argv)
 		}
 		else if (arg->Flags & COMMAND_LINE_VALUE_BOOL)
 		{
-			length = (int) strlen(arg->Name) + 32;
+			length = strlen(arg->Name) + 32;
 			str = (char*) malloc(length + 1);
 
 			if (!str)

winpr/libwinpr/clipboard/synthetic.c

@@ -382,7 +382,7 @@ static void* clipboard_synthesize_html_format(wClipboard* clipboard, UINT32 form
 			body = strstr(pSrcData, "<BODY");
 
 		/* StartHTML */
-		sprintf_s(num, sizeof(num), "%010"PRIuz"", strlen(pDstData));
+		sprintf_s(num, sizeof(num), "%010"PRIuz"", strnlen(pDstData, SrcSize + 200));
 		CopyMemory(&pDstData[23], num, 10);
 
 		if (!body)
@@ -390,11 +390,11 @@ static void* clipboard_synthesize_html_format(wClipboard* clipboard, UINT32 form
 
 		strcat(pDstData, "<!--StartFragment-->");
 		/* StartFragment */
-		sprintf_s(num, sizeof(num), "%010"PRIuz"", strlen(pDstData));
+		sprintf_s(num, sizeof(num), "%010"PRIuz"", strnlen(pDstData, SrcSize + 200));
 		CopyMemory(&pDstData[69], num, 10);
 		strcat(pDstData, pSrcData);
 		/* EndFragment */
-		sprintf_s(num, sizeof(num), "%010"PRIuz"", strlen(pDstData));
+		sprintf_s(num, sizeof(num), "%010"PRIuz"", strnlen(pDstData, SrcSize + 200));
 		CopyMemory(&pDstData[93], num, 10);
 		strcat(pDstData, "<!--EndFragment-->");
 
@@ -402,7 +402,7 @@ static void* clipboard_synthesize_html_format(wClipboard* clipboard, UINT32 form
 			strcat(pDstData, "</BODY></HTML>");
 
 		/* EndHTML */
-		sprintf_s(num, sizeof(num), "%010"PRIuz"", strlen(pDstData));
+		sprintf_s(num, sizeof(num), "%010"PRIuz"", strnlen(pDstData, SrcSize + 200));
 		CopyMemory(&pDstData[43], num, 10);
 		*pSize = (UINT32) strlen(pDstData) + 1;
 		free(pSrcData);

winpr/libwinpr/clipboard/test/TestClipboardFormats.c

@@ -47,7 +47,7 @@ int TestClipboardFormats(int argc, char* argv[])
 			return -1;
 		}
 
-		SrcSize = (UINT32)(strlen(pSrcData) + 1);
+		SrcSize = (UINT32)(strnlen(pSrcData, UINT32_MAX - 1) + 1);
 		bSuccess = ClipboardSetData(clipboard, utf8StringFormatId, pSrcData,
 		                            SrcSize);
 		fprintf(stderr, "ClipboardSetData: %"PRId32"\n", bSuccess);

winpr/libwinpr/crt/string.c

@@ -217,13 +217,13 @@ WCHAR* wcstok_s(WCHAR* strToken, const WCHAR* strDelimit, WCHAR** context)
 
 LPSTR CharUpperA(LPSTR lpsz)
 {
-	int i;
-	int length;
+	size_t i;
+	size_t length;
 
 	if (!lpsz)
 		return NULL;
 
-	length = (int) strlen(lpsz);
+	length = strlen(lpsz);
 
 	if (length < 1)
 		return (LPSTR) NULL;
@@ -287,13 +287,13 @@ DWORD CharUpperBuffW(LPWSTR lpsz, DWORD cchLength)
 
 LPSTR CharLowerA(LPSTR lpsz)
 {
-	int i;
-	int length;
+	size_t i;
+	size_t length;
 
 	if (!lpsz)
 		return (LPSTR) NULL;
 
-	length = (int) strlen(lpsz);
+	length = strlen(lpsz);
 
 	if (length < 1)
 		return (LPSTR) NULL;

winpr/libwinpr/crt/test/TestUnicodeConversion.c

@@ -86,14 +86,14 @@ static BYTE ru_Administrator_lower[] =
 static BYTE ru_Administrator_upper[] =
 		"\xd0\x90\xd0\x94\xd0\x9c\xd0\x98\xd0\x9d\xd0\x98\xd0\xa1\xd0\xa2\xd0\xa0\xd0\x90\xd0\xa2\xd0\x9e\xd0\xa0\x00";
 
-void string_hexdump(BYTE* data, int length)
+static void string_hexdump(const BYTE* data, size_t length)
 {
-	BYTE* p = data;
-	int i, line, offset = 0;
+	const BYTE* p = data;
+	size_t i, line, offset = 0;
 
 	while (offset < length)
 	{
-		printf("%04x ", offset);
+		printf("%04"PRIxz" ", offset);
 
 		line = length - offset;
 
@@ -116,11 +116,11 @@ void string_hexdump(BYTE* data, int length)
 	}
 }
 
-int convert_utf8_to_utf16(BYTE* lpMultiByteStr, BYTE* expected_lpWideCharStr, int expected_cchWideChar)
+static int convert_utf8_to_utf16(BYTE* lpMultiByteStr, BYTE* expected_lpWideCharStr, int expected_cchWideChar)
 {
 	int rc = -1;
 	int length;
-	int cbMultiByte;
+	size_t cbMultiByte;
 	int cchWideChar;
 	LPWSTR lpWideCharStr = NULL;
 
@@ -139,7 +139,7 @@ int convert_utf8_to_utf16(BYTE* lpMultiByteStr, BYTE* expected_lpWideCharStr, in
 		goto fail;
 	}
 
-	lpWideCharStr = (LPWSTR) calloc(cchWideChar, sizeof(WCHAR));
+	lpWideCharStr = (LPWSTR) calloc((size_t)cchWideChar, sizeof(WCHAR));
 	if (!lpWideCharStr)
 	{
 		printf("MultiByteToWideChar: unable to allocate memory for test\n");
@@ -191,7 +191,7 @@ fail:
 	return rc;
 }
 
-int convert_utf16_to_utf8(BYTE* lpWideCharStr, BYTE* expected_lpMultiByteStr, int expected_cbMultiByte)
+static int convert_utf16_to_utf8(BYTE* lpWideCharStr, BYTE* expected_lpMultiByteStr, int expected_cbMultiByte)
 {
 	int rc = -1;
 	int length;
@@ -266,7 +266,7 @@ fail:
 	return rc;
 }
 
-BOOL test_unicode_uppercasing(BYTE* lower, BYTE* upper)
+static BOOL test_unicode_uppercasing(BYTE* lower, BYTE* upper)
 {
 	WCHAR* lowerW = NULL;
 	int lowerLength;
@@ -296,12 +296,12 @@ BOOL test_unicode_uppercasing(BYTE* lower, BYTE* upper)
 	return TRUE;
 }
 
-BOOL test_ConvertFromUnicode_wrapper()
+static BOOL test_ConvertFromUnicode_wrapper(void)
 {
-	BYTE src1[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x40\x00\x40\x00\x40\x00";
-	BYTE src2[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x00\x00";
+	const BYTE src1[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x40\x00\x40\x00\x40\x00";
+	const BYTE src2[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x00\x00";
 	/*               00  01  02  03  04  05  06  07  08  09  10  11  12  13  14  15  16  17  18 */
-	CHAR  cmp0[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T', 0 };
+	const CHAR  cmp0[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T', 0 };
 	CHAR* dst = NULL;
 	int i;
 
@@ -380,28 +380,30 @@ fail:
 	return FALSE;
 }
 
-BOOL test_ConvertToUnicode_wrapper()
+static BOOL test_ConvertToUnicode_wrapper(void)
 {
 	/*               00  01  02  03  04  05  06  07  08  09  10  11  12  13  14  15  16  17  18 */
-	CHAR  src1[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T','@','@','@' };
-	CHAR  src2[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T', 0 };
-	BYTE cmp0[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x00\x00";
+	const CHAR  src1[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T','@','@','@' };
+	const CHAR  src2[] = { 'R','I','C','H',' ','T','E','X','T',' ','F','O','R','M','A','T', 0 };
+	const BYTE cmp0[] = "\x52\x00\x49\x00\x43\x00\x48\x00\x20\x00\x54\x00\x45\x00\x58\x00\x54\x00\x20\x00\x46\x00\x4f\x00\x52\x00\x4d\x00\x41\x00\x54\x00\x00\x00";
 	WCHAR* dst = NULL;
-	int i;
+	int ii;
+	size_t i;
 
 	/* Test unterminated unicode string:
 	 * ConvertToUnicode must always null-terminate, even if the src string isn't
 	 */
 
 	printf("Input UTF8 String:\n");
-	string_hexdump((BYTE*) src1, 19);
+	string_hexdump((const BYTE*) src1, 19);
 
-	i = ConvertToUnicode(CP_UTF8, 0, src1, 16, &dst, 0);
-	if (i != 16)
+	ii = ConvertToUnicode(CP_UTF8, 0, src1, 16, &dst, 0);
+	if (ii != 16)
 	{
-		fprintf(stderr, "ConvertToUnicode failure A1: unexpectedly returned %d instead of 16\n", i);
+		fprintf(stderr, "ConvertToUnicode failure A1: unexpectedly returned %d instead of 16\n", ii);
 		goto fail;
 	}
+	i = (size_t)ii;
 	if (dst == NULL)
 	{
 		fprintf(stderr, "ConvertToUnicode failure A2: destination ist NULL\n");
@@ -412,13 +414,13 @@ BOOL test_ConvertToUnicode_wrapper()
 		fprintf(stderr, "ConvertToUnicode failure A3: dst length is %d instead of 16\n", i);
 		goto fail;
 	}
-	if (_wcscmp(dst, (WCHAR*)cmp0))
+	if (_wcscmp(dst, (const WCHAR*)cmp0))
 	{
 		fprintf(stderr, "ConvertToUnicode failure A4: data mismatch\n");
 		goto fail;
 	}
 	printf("Output UTF16 String:\n");
-	string_hexdump((BYTE*) dst, (i + 1) * sizeof(WCHAR));
+	string_hexdump((const BYTE*) dst, (i + 1) * sizeof(WCHAR));
 
 	free(dst);
 	dst = NULL;
@@ -426,7 +428,7 @@ BOOL test_ConvertToUnicode_wrapper()
 	/* Test null-terminated string */
 
 	printf("Input UTF8 String:\n");
-	string_hexdump((BYTE*) src2, strlen(src2) + 1);
+	string_hexdump((const BYTE*) src2, strlen(src2) + 1);
 
 	i = ConvertToUnicode(CP_UTF8, 0, src2, -1, &dst, 0);
 	if (i != 17)

winpr/libwinpr/crt/unicode.c

@@ -168,7 +168,7 @@ int MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr,
 
 	if (cbMultiByte == -1)
 	{
-		size_t len = strlen((const char*) lpMultiByteStr);
+		size_t len = strnlen((const char*) lpMultiByteStr, INT32_MAX);
 		if (len >= INT32_MAX)
 			return 0;
 		cbMultiByte = (int)len + 1;
@@ -389,7 +389,7 @@ int ConvertToUnicode(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr,
 
 	if (cbMultiByte == -1)
 	{
-		size_t len = strlen(lpMultiByteStr);
+		size_t len = strnlen(lpMultiByteStr, INT_MAX);
 		if (len >= INT_MAX)
 			return 0;
 		cbMultiByte = (int)(len + 1);

winpr/libwinpr/crypto/test/TestCryptoCipher.c

@@ -30,7 +30,7 @@ static BOOL test_crypto_cipher_aes_128_cbc()
 	memset(ibuf, 0, sizeof(ibuf));
 	memset(obuf, 0, sizeof(obuf));
 
-	ilen = strlen(plaintext) + 1;
+	ilen = strnlen(plaintext, sizeof(plaintext)) + 1;
 	memcpy(ibuf, plaintext, ilen);
 
 	ilen = ((ilen + 15) / 16) * 16;
@@ -121,7 +121,7 @@ static BOOL test_crypto_cipher_rc4()
 	BYTE* text = NULL;
 	WINPR_RC4_CTX* ctx;
 
-	len = strlen(TEST_RC4_PLAINTEXT);
+	len = strnlen(TEST_RC4_PLAINTEXT, sizeof(TEST_RC4_PLAINTEXT));
 
 	if (!(text = (BYTE*) calloc(1, len)))
 	{
@@ -129,12 +129,12 @@ static BOOL test_crypto_cipher_rc4()
 		goto out;
 	}
 
-	if ((ctx = winpr_RC4_New(TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY))) == NULL)
+	if ((ctx = winpr_RC4_New(TEST_RC4_KEY, strnlen((const char*)TEST_RC4_KEY, sizeof(TEST_RC4_KEY)))) == NULL)
 	{
 		fprintf(stderr, "%s: winpr_RC4_New failed\n", __FUNCTION__);
 		goto out;
 	}
-	rc = winpr_RC4_Update(ctx, len, (BYTE*) TEST_RC4_PLAINTEXT, text);
+	rc = winpr_RC4_Update(ctx, len, (const BYTE*) TEST_RC4_PLAINTEXT, text);
 	winpr_RC4_Free(ctx);
 	if (!rc)
 	{

winpr/libwinpr/crypto/test/TestCryptoHash.c

@@ -4,8 +4,8 @@
 #include <winpr/crypto.h>
 #include <winpr/ssl.h>
 
-static const char* TEST_MD5_DATA = "test";
-static const BYTE* TEST_MD5_HASH = (BYTE*) "\x09\x8f\x6b\xcd\x46\x21\xd3\x73\xca\xde\x4e\x83\x26\x27\xb4\xf6";
+static const char TEST_MD5_DATA[] = "test";
+static const BYTE TEST_MD5_HASH[] = "\x09\x8f\x6b\xcd\x46\x21\xd3\x73\xca\xde\x4e\x83\x26\x27\xb4\xf6";
 
 static BOOL test_crypto_hash_md5(void)
 {
@@ -23,7 +23,7 @@ static BOOL test_crypto_hash_md5(void)
 		fprintf(stderr, "%s: winpr_Digest_Init failed\n", __FUNCTION__);
 		goto out;
 	}
-	if (!winpr_Digest_Update(ctx, (BYTE*) TEST_MD5_DATA, strlen(TEST_MD5_DATA)))
+	if (!winpr_Digest_Update(ctx, (const BYTE*) TEST_MD5_DATA, strnlen(TEST_MD5_DATA, sizeof(TEST_MD5_DATA))))
 	{
 		fprintf(stderr, "%s: winpr_Digest_Update failed\n", __FUNCTION__);
 		goto out;
@@ -55,8 +55,8 @@ out:
 	return result;
 }
 
-static const char* TEST_MD4_DATA = "test";
-static const BYTE* TEST_MD4_HASH = (BYTE*) "\xdb\x34\x6d\x69\x1d\x7a\xcc\x4d\xc2\x62\x5d\xb1\x9f\x9e\x3f\x52";
+static const char TEST_MD4_DATA[] = "test";
+static const BYTE TEST_MD4_HASH[] = "\xdb\x34\x6d\x69\x1d\x7a\xcc\x4d\xc2\x62\x5d\xb1\x9f\x9e\x3f\x52";
 
 static BOOL test_crypto_hash_md4(void)
 {
@@ -74,7 +74,7 @@ static BOOL test_crypto_hash_md4(void)
 		fprintf(stderr, "%s: winpr_Digest_Init failed\n", __FUNCTION__);
 		goto out;
 	}
-	if (!winpr_Digest_Update(ctx, (BYTE*) TEST_MD4_DATA, strlen(TEST_MD4_DATA)))
+	if (!winpr_Digest_Update(ctx, (const BYTE*) TEST_MD4_DATA, strnlen(TEST_MD4_DATA, sizeof(TEST_MD4_DATA))))
 	{
 		fprintf(stderr, "%s: winpr_Digest_Update failed\n", __FUNCTION__);
 		goto out;
@@ -106,8 +106,8 @@ out:
 	return result;
 }
 
-static const char* TEST_SHA1_DATA = "test";
-static const BYTE* TEST_SHA1_HASH = (BYTE*) "\xa9\x4a\x8f\xe5\xcc\xb1\x9b\xa6\x1c\x4c\x08\x73\xd3\x91\xe9\x87\x98\x2f\xbb\xd3";
+static const char TEST_SHA1_DATA[] = "test";
+static const BYTE TEST_SHA1_HASH[] = "\xa9\x4a\x8f\xe5\xcc\xb1\x9b\xa6\x1c\x4c\x08\x73\xd3\x91\xe9\x87\x98\x2f\xbb\xd3";
 
 static BOOL test_crypto_hash_sha1(void)
 {
@@ -125,7 +125,7 @@ static BOOL test_crypto_hash_sha1(void)
 		fprintf(stderr, "%s: winpr_Digest_Init failed\n", __FUNCTION__);
 		goto out;
 	}
-	if (!winpr_Digest_Update(ctx, (BYTE*) TEST_SHA1_DATA, strlen(TEST_SHA1_DATA)))
+	if (!winpr_Digest_Update(ctx, (const BYTE*) TEST_SHA1_DATA, strnlen(TEST_SHA1_DATA, sizeof(TEST_SHA1_DATA))))
 	{
 		fprintf(stderr, "%s: winpr_Digest_Update failed\n", __FUNCTION__);
 		goto out;
@@ -158,9 +158,9 @@ out:
 	return result;
 }
 
-static const char* TEST_HMAC_MD5_DATA = "Hi There";
-static const BYTE* TEST_HMAC_MD5_KEY = (BYTE*) "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
-static const BYTE* TEST_HMAC_MD5_HASH = (BYTE*) "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d";
+static const char TEST_HMAC_MD5_DATA[] = "Hi There";
+static const BYTE TEST_HMAC_MD5_KEY[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
+static const BYTE TEST_HMAC_MD5_HASH[] = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d";
 
 static BOOL test_crypto_hash_hmac_md5(void)
 {
@@ -179,7 +179,7 @@ static BOOL test_crypto_hash_hmac_md5(void)
 		fprintf(stderr, "%s: winpr_HMAC_Init failed\n", __FUNCTION__);
 		goto out;
 	}
-	if (!winpr_HMAC_Update(ctx, (BYTE*) TEST_HMAC_MD5_DATA, strlen(TEST_HMAC_MD5_DATA)))
+	if (!winpr_HMAC_Update(ctx, (const BYTE*) TEST_HMAC_MD5_DATA, strnlen(TEST_HMAC_MD5_DATA, sizeof(TEST_HMAC_MD5_DATA))))
 	{
 		fprintf(stderr, "%s: winpr_HMAC_Update failed\n", __FUNCTION__);
 		goto out;
@@ -212,9 +212,9 @@ out:
 	return result;
 }
 
-static const char* TEST_HMAC_SHA1_DATA = "Hi There";
-static const BYTE* TEST_HMAC_SHA1_KEY = (BYTE*) "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
-static const BYTE* TEST_HMAC_SHA1_HASH = (BYTE*) "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00";
+static const char TEST_HMAC_SHA1_DATA[] = "Hi There";
+static const BYTE TEST_HMAC_SHA1_KEY[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
+static const BYTE TEST_HMAC_SHA1_HASH[] = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00";
 
 static BOOL test_crypto_hash_hmac_sha1(void)
 {
@@ -233,7 +233,7 @@ static BOOL test_crypto_hash_hmac_sha1(void)
 		fprintf(stderr, "%s: winpr_HMAC_Init failed\n", __FUNCTION__);
 		goto out;
 	}
-	if (!winpr_HMAC_Update(ctx, (BYTE*) TEST_HMAC_SHA1_DATA, strlen(TEST_HMAC_SHA1_DATA)))
+	if (!winpr_HMAC_Update(ctx, (const	BYTE*) TEST_HMAC_SHA1_DATA, strnlen(TEST_HMAC_SHA1_DATA, sizeof(TEST_HMAC_SHA1_DATA))))
 	{
 		fprintf(stderr, "%s: winpr_HMAC_Update failed\n", __FUNCTION__);
 		goto out;
@@ -268,6 +268,9 @@ out:
 
 int TestCryptoHash(int argc, char* argv[])
 {
+	WINPR_UNUSED(argc);
+	WINPR_UNUSED(argv);
+
 	winpr_InitializeSSL(WINPR_SSL_INIT_DEFAULT);
 
 	if (!test_crypto_hash_md5())

winpr/libwinpr/crypto/test/TestCryptoProtectMemory.c

@@ -11,9 +11,9 @@ int TestCryptoProtectMemory(int argc, char* argv[])
 {
 	int cbPlainText;
 	int cbCipherText;
-	char* pPlainText;
+	const char* pPlainText;
 	BYTE* pCipherText;
-	pPlainText = (char*) SECRET_PASSWORD_TEST;
+	pPlainText = SECRET_PASSWORD_TEST;
 	cbPlainText = strlen(pPlainText) + 1;
 	cbCipherText = cbPlainText + (CRYPTPROTECTMEMORY_BLOCK_SIZE - (cbPlainText % CRYPTPROTECTMEMORY_BLOCK_SIZE));
 	printf("cbPlainText: %d cbCipherText: %d\n", cbPlainText, cbCipherText);

winpr/libwinpr/environment/environment.c

@@ -222,8 +222,8 @@ LPCH GetEnvironmentStringsA(VOID)
 {
 #if !defined(_UWP)
 	char* p;
-	int offset;
-	int length;
+	size_t offset;
+	size_t length;
 	char** envp;
 	DWORD cchEnvironmentBlock;
 	LPCH lpszEnvironmentBlock;
@@ -238,9 +238,9 @@ LPCH GetEnvironmentStringsA(VOID)
 
 	while (*envp)
 	{
-		length = (int) strlen(*envp);
+		length = strlen(*envp);
 
-		while ((offset + length + 8) > (int) cchEnvironmentBlock)
+		while ((offset + length + 8) > cchEnvironmentBlock)
 		{
 			DWORD new_size;
 			LPCH new_blk;
@@ -317,17 +317,17 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 {
 	const char* cp;
 	char* p;
-	int offset;
-	int length;
+	size_t offset;
+	size_t length;
 	const char* envp;
 	DWORD cchEnvironmentBlock;
 	LPCH lpszEnvironmentBlock;
 	const char** mergeStrings;
-	int mergeStringLength;
-	int mergeArraySize = 128;
-	int run;
-	int mergeLength;
-	int foundMerge;
+	size_t mergeStringLength;
+	size_t mergeArraySize = 128;
+	size_t run;
+	size_t mergeLength;
+	size_t foundMerge;
 	char* foundEquals;
 
 	mergeStrings = (LPCSTR*) calloc(mergeArraySize, sizeof(char*));
@@ -341,7 +341,7 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 
 	while (*cp && *(cp + 1))
 	{
-		length = (int) strlen(cp);
+		length = strlen(cp);
 
 		if (mergeStringLength == mergeArraySize)
 		{
@@ -378,10 +378,10 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 
 	while ((original != NULL) && (*envp && *(envp+1)))
 	{
-		ULONG old_offset = offset;
-		length = (int) strlen(envp);
+		size_t old_offset = offset;
+		length = strlen(envp);
 
-		while ((offset + length + 8) > (int) cchEnvironmentBlock)
+		while ((offset + length + 8) > cchEnvironmentBlock)
 		{
 			LPCH tmp;
 			cchEnvironmentBlock *= 2;
@@ -405,7 +405,7 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 			if (!mergeStrings[run])
 				continue;
 
-			mergeLength = (int) strlen(mergeStrings[run]);
+			mergeLength = strlen(mergeStrings[run]);
 			foundEquals = strstr(mergeStrings[run], "=");
 
 			if (!foundEquals)
@@ -421,7 +421,7 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 				}
 				else
 				{
-					while ((offset + mergeLength + 8) > (int) cchEnvironmentBlock)
+					while ((offset + mergeLength + 8) > cchEnvironmentBlock)
 					{
 						LPCH tmp;
 						cchEnvironmentBlock *= 2;
@@ -462,9 +462,9 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 		if (!mergeStrings[run])
 			continue;
 
-		mergeLength = (int) strlen(mergeStrings[run]);
+		mergeLength = strlen(mergeStrings[run]);
 
-		while ((offset + mergeLength + 8) > (int) cchEnvironmentBlock)
+		while ((offset + mergeLength + 8) > cchEnvironmentBlock)
 		{
 			LPCH tmp;
 			cchEnvironmentBlock *= 2;
@@ -497,23 +497,23 @@ LPCH MergeEnvironmentStrings(PCSTR original, PCSTR merge)
 
 DWORD GetEnvironmentVariableEBA(LPCSTR envBlock, LPCSTR lpName, LPSTR lpBuffer, DWORD nSize)
 {
-	int vLength = 0;
+	size_t vLength = 0;
 	char* env = NULL;
 	char* foundEquals;
 	const char* penvb = envBlock;
-	int nLength, fLength, lpNameLength;
+	size_t nLength, fLength, lpNameLength;
 
 	if (!lpName || NULL == envBlock)
 		return 0;
 
-	lpNameLength = (int) strlen(lpName);
+	lpNameLength = strlen(lpName);
 
 	if (lpNameLength < 1)
 		return 0;
 
 	while (*penvb && *(penvb + 1))
 	{
-		fLength = (int) strlen(penvb);
+		fLength = strlen(penvb);
 		foundEquals = strstr(penvb,"=");
 
 		if (!foundEquals)
@@ -522,7 +522,7 @@ DWORD GetEnvironmentVariableEBA(LPCSTR envBlock, LPCSTR lpName, LPSTR lpBuffer,
 			return 0;
 		}
 
-		nLength = (int) (foundEquals - penvb);
+		nLength = (foundEquals - penvb);
 
 		if (nLength != lpNameLength)
 		{
@@ -542,9 +542,9 @@ DWORD GetEnvironmentVariableEBA(LPCSTR envBlock, LPCSTR lpName, LPSTR lpBuffer,
 	if (!env)
 		return 0;
 
-	vLength = (int) strlen(env);
+	vLength = strlen(env);
 
-	if ((vLength + 1 > (int) nSize) || (!lpBuffer))
+	if ((vLength + 1 > nSize) || (!lpBuffer))
 		return vLength + 1;
 
 	CopyMemory(lpBuffer, env, vLength + 1);
@@ -597,9 +597,9 @@ BOOL SetEnvironmentVariableEBA(LPSTR* envBlock, LPCSTR lpName, LPCSTR lpValue)
 char** EnvironmentBlockToEnvpA(LPCH lpszEnvironmentBlock)
 {
 	char* p;
-	int index;
-	int count;
-	int length;
+	SSIZE_T index;
+	size_t count;
+	size_t length;
 	char** envp = NULL;
 
 	count = 0;
@@ -610,7 +610,7 @@ char** EnvironmentBlockToEnvpA(LPCH lpszEnvironmentBlock)
 
 	while (p[0] && p[1])
 	{
-		length = (int) strlen(p);
+		length = strlen(p);
 		p += (length + 1);
 		count++;
 	}
@@ -625,7 +625,7 @@ char** EnvironmentBlockToEnvpA(LPCH lpszEnvironmentBlock)
 
 	while (p[0] && p[1])
 	{
-		length = (int) strlen(p);
+		length = strlen(p);
 		envp[index] = _strdup(p);
 		if (!envp[index])
 		{

winpr/libwinpr/environment/test/TestEnvironmentGetEnvironmentStrings.c

@@ -6,23 +6,33 @@
 
 int TestEnvironmentGetEnvironmentStrings(int argc, char* argv[])
 {
+	int r = -1;
 	TCHAR* p;
-	int length;
+	size_t length;
 	LPTCH lpszEnvironmentBlock;
 
+	WINPR_UNUSED(argc);
+	WINPR_UNUSED(argv);
+
 	lpszEnvironmentBlock = GetEnvironmentStrings();
 
 	p = (TCHAR*) lpszEnvironmentBlock;
 
 	while (p[0] && p[1])
 	{
-		_tprintf(_T("%s\n"), p);
+		const int rc = _tprintf(_T("%s\n"), p);
+		if (rc < 1)
+			goto fail;
 		length = _tcslen(p);
+		if (length != (size_t)(rc - 1))
+			goto fail;
 		p += (length + 1);
 	}
 
+	r = 0;
+fail:
 	FreeEnvironmentStrings(lpszEnvironmentBlock);
 
-	return 0;
+	return r;
 }
 

winpr/libwinpr/environment/test/TestEnvironmentMergeEnvironmentStrings.c

@@ -8,7 +8,7 @@ int TestEnvironmentMergeEnvironmentStrings(int argc, char* argv[])
 {
 #ifndef _WIN32
 	TCHAR* p;
-	int length;
+	size_t length;
 	LPTCH lpszEnvironmentBlock;
 	LPTCH lpsz2Merge = "SHELL=123\0test=1\0test1=2\0DISPLAY=:77\0\0";
 	LPTCH lpszMergedEnvironmentBlock;

winpr/libwinpr/environment/test/TestEnvironmentSetEnvironmentVariable.c

@@ -17,7 +17,7 @@ int TestEnvironmentSetEnvironmentVariable(int argc, char* argv[])
 	nSize = GetEnvironmentVariableA(TEST_NAME, NULL, 0);
 
 	/* check if value returned is len + 1 ) */
-	if (nSize != strlen(TEST_VALUE) + 1)
+	if (nSize != strnlen(TEST_VALUE, sizeof(TEST_VALUE)) + 1)
 	{
 		printf("GetEnvironmentVariableA not found error\n");
 		return -1;
@@ -30,7 +30,7 @@ int TestEnvironmentSetEnvironmentVariable(int argc, char* argv[])
 
 	nSize = GetEnvironmentVariableA(TEST_NAME, lpBuffer, nSize);
 
-	if (nSize != strlen(TEST_VALUE))
+	if (nSize != strnlen(TEST_VALUE, sizeof(TEST_VALUE)))
 	{
 		printf("GetEnvironmentVariableA wrong size returned\n");
 		goto fail;

winpr/libwinpr/file/namedPipeClient.c

@@ -266,7 +266,7 @@ char* GetNamedPipeNameWithoutPrefixA(LPCSTR lpName)
 	if (!IsNamedPipeFileNameA(lpName))
 		return NULL;
 
-	lpFileName = _strdup(&lpName[strlen(NAMED_PIPE_PREFIX_PATH)]);
+	lpFileName = _strdup(&lpName[strnlen(NAMED_PIPE_PREFIX_PATH, sizeof(NAMED_PIPE_PREFIX_PATH))]);
 	return lpFileName;
 }
 

winpr/libwinpr/file/test/TestFileGetStdHandle.c

@@ -27,7 +27,7 @@
 int TestFileGetStdHandle(int argc, char* argv[])
 {
 	HANDLE so;
-	char *buf = "happy happy";
+	const char buf[] = "happy happy";
 	DWORD bytesWritten;
 
 	so = GetStdHandle(STD_OUTPUT_HANDLE);
@@ -36,8 +36,8 @@ int TestFileGetStdHandle(int argc, char* argv[])
 		fprintf(stderr, "GetStdHandle failed ;(\n");
 		return -1;
 	}
-	WriteFile(so, buf, strlen(buf), &bytesWritten, FALSE);
-	if (bytesWritten != strlen(buf))
+	WriteFile(so, buf, strnlen(buf, sizeof(buf)), &bytesWritten, FALSE);
+	if (bytesWritten != strnlen(buf, sizeof (buf)))
 	{
 		fprintf(stderr, "write failed\n");
 		return -1;

winpr/libwinpr/io/device.c

@@ -74,7 +74,7 @@ char* GetDeviceFileNameWithoutPrefixA(LPCSTR lpName)
 	if (strncmp(lpName, DEVICE_FILE_PREFIX_PATH, sizeof(DEVICE_FILE_PREFIX_PATH) - 1) != 0)
 		return NULL;
 
-	lpFileName = _strdup(&lpName[strlen(DEVICE_FILE_PREFIX_PATH)]);
+	lpFileName = _strdup(&lpName[strnlen(DEVICE_FILE_PREFIX_PATH, sizeof (DEVICE_FILE_PREFIX_PATH))]);
 	return lpFileName;
 }
 

winpr/libwinpr/library/library.c

@@ -283,7 +283,7 @@ DWORD GetModuleFileNameA(HMODULE hModule, LPSTR lpFilename, DWORD nSize)
 		}
 
 		buffer[status] = '\0';
-		length = strlen(buffer);
+		length = strnlen(buffer, sizeof(buffer));
 
 		if (length < nSize)
 		{
@@ -321,7 +321,7 @@ DWORD GetModuleFileNameA(HMODULE hModule, LPSTR lpFilename, DWORD nSize)
 		 * so use realpath to find the absolute, canonical path.
 		 */
 		realpath(path, buffer);
-		length = strlen(buffer);
+		length = strnlen(buffer, sizeof(buffer));
 
 		if (length < nSize)
 		{

winpr/libwinpr/registry/registry.c

@@ -291,10 +291,10 @@ LONG RegQueryValueExA(HKEY hKey, LPCSTR lpValueName,
 			}
 			else if (pValue->type == REG_SZ)
 			{
-				int length;
+				size_t length;
 				char* pData = (char*) lpData;
 
-				length = (int) strlen(pValue->data.string);
+				length = strnlen(pValue->data.string, UINT32_MAX);
 
 				if (pData != NULL)
 				{
@@ -302,7 +302,7 @@ LONG RegQueryValueExA(HKEY hKey, LPCSTR lpValueName,
 					pData[length] = '\0';
 				}
 
-				*lpcbData = length;
+				*lpcbData = (UINT32)length;
 
 				return ERROR_SUCCESS;
 			}

winpr/libwinpr/sysinfo/sysinfo.c

@@ -391,7 +391,7 @@ BOOL GetVersionExW(LPOSVERSIONINFOW lpVersionInformation)
 BOOL GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
 {
 	char* dot;
-	int length;
+	size_t length;
 	char hostname[256];
 
 	if (!lpnSize)
@@ -403,28 +403,28 @@ BOOL GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
 	if (gethostname(hostname, sizeof(hostname)) == -1)
 		return FALSE;
 
-	length = (int) strlen(hostname);
+	length = strnlen(hostname, sizeof(hostname));
 	dot = strchr(hostname, '.');
 
 	if (dot)
-		length = (int)(dot - hostname);
+		length = (dot - hostname);
 
 	if ((*lpnSize <= (DWORD) length) || !lpBuffer)
 	{
 		SetLastError(ERROR_BUFFER_OVERFLOW);
-		*lpnSize = length + 1;
+		*lpnSize = (DWORD)(length + 1);
 		return FALSE;
 	}
 
 	CopyMemory(lpBuffer, hostname, length);
 	lpBuffer[length] = '\0';
-	*lpnSize = length;
+	*lpnSize = (DWORD)length;
 	return TRUE;
 }
 
 BOOL GetComputerNameExA(COMPUTER_NAME_FORMAT NameType, LPSTR lpBuffer, LPDWORD lpnSize)
 {
-	int length;
+	size_t length;
 	char hostname[256];
 
 	if (!lpnSize)
@@ -449,7 +449,7 @@ BOOL GetComputerNameExA(COMPUTER_NAME_FORMAT NameType, LPSTR lpBuffer, LPDWORD l
 	if (gethostname(hostname, sizeof(hostname)) == -1)
 		return FALSE;
 
-	length = (int) strlen(hostname);
+	length = strnlen(hostname, sizeof(hostname));
 
 	switch (NameType)
 	{
@@ -461,14 +461,14 @@ BOOL GetComputerNameExA(COMPUTER_NAME_FORMAT NameType, LPSTR lpBuffer, LPDWORD l
 	    case ComputerNamePhysicalDnsFullyQualified:
 			if ((*lpnSize <= (DWORD) length) || !lpBuffer)
 			{
-				*lpnSize = length + 1;
+				*lpnSize = (DWORD)(length + 1);
 				SetLastError(ERROR_MORE_DATA);
 				return FALSE;
 			}
 
 			CopyMemory(lpBuffer, hostname, length);
 			lpBuffer[length] = '\0';
-			*lpnSize = length;
+			*lpnSize = (DWORD)length;
 		    break;
 
 	    default:

winpr/libwinpr/thread/argv.c

@@ -91,16 +91,16 @@
 LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 {
 	char* p;
-	int length;
+	size_t length;
 	char* pBeg;
 	char* pEnd;
 	char* buffer;
 	char* pOutput;
 	int numArgs = 0;
 	LPSTR* pArgs;
-	int maxNumArgs;
-	int maxBufferSize;
-	int cmdLineLength;
+	size_t maxNumArgs;
+	size_t maxBufferSize;
+	size_t cmdLineLength;
 	BOOL* lpEscapedChars;
 	LPSTR lpEscapedCmdLine;
 
@@ -112,7 +112,7 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 
 	pArgs = NULL;
 	lpEscapedCmdLine = NULL;
-	cmdLineLength = (int) strlen(lpCmdLine);
+	cmdLineLength = strlen(lpCmdLine);
 	lpEscapedChars = (BOOL*) calloc(cmdLineLength + 1, sizeof(BOOL));
 
 	if (!lpEscapedChars)
@@ -120,7 +120,8 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 
 	if (strstr(lpCmdLine, "\\\""))
 	{
-		int i, n;
+		size_t i;
+		size_t n;
 		char* pLastEnd = NULL;
 		lpEscapedCmdLine = (char*) calloc(cmdLineLength + 1, sizeof(char));
 
@@ -140,7 +141,7 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 
 			if (!pBeg)
 			{
-				length = (int) strlen(p);
+				length = strlen(p);
 				CopyMemory(pOutput, p, length);
 				pOutput += length;
 				break;
@@ -159,8 +160,8 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 				pBeg--;
 			}
 
-			n = (int)((pEnd - pBeg) - 1);
-			length = (int)(pBeg - pLastEnd);
+			n = ((pEnd - pBeg) - 1);
+			length = (pBeg - pLastEnd);
 			CopyMemory(pOutput, p, length);
 			pOutput += length;
 			p += length;
@@ -179,7 +180,7 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 
 		*pOutput++ = '\0';
 		lpCmdLine = (LPCSTR) lpEscapedCmdLine;
-		cmdLineLength = (int) strlen(lpCmdLine);
+		cmdLineLength = strlen(lpCmdLine);
 	}
 
 	maxNumArgs = 2;
@@ -223,7 +224,7 @@ LPSTR* CommandLineToArgvA(LPCSTR lpCmdLine, int* pNumArgs)
 		if (*p != '"')
 		{
 			/* no whitespace escaped with double quotes */
-			length = (int)(p - pBeg);
+			length = (p - pBeg);
 			CopyMemory(pOutput, pBeg, length);
 			pOutput[length] = '\0';
 			pArgs[numArgs++] = pOutput;

winpr/libwinpr/utils/wlog/Appender.c

@@ -167,7 +167,8 @@ BOOL WLog_SetLogAppenderType(wLog* log, DWORD logAppenderType)
 
 BOOL WLog_ConfigureAppender(wLogAppender *appender, const char *setting, void *value)
 {
-	if (!appender || !setting || !strlen(setting))
+	/* Just check the settings string is not empty */
+	if (!appender || !setting || (strnlen(setting, 2) == 0))
 		return FALSE;
 
 	if (appender->Set)

winpr/libwinpr/utils/wlog/BinaryAppender.c

@@ -107,10 +107,10 @@ static BOOL WLog_BinaryAppender_WriteMessage(wLog* log, wLogAppender* appender,
 {
 	FILE* fp;
 	wStream* s;
-	int MessageLength;
-	int FileNameLength;
-	int FunctionNameLength;
-	int TextStringLength;
+	size_t MessageLength;
+	size_t FileNameLength;
+	size_t FunctionNameLength;
+	size_t TextStringLength;
 	BOOL ret = TRUE;
 	wLogBinaryAppender* binaryAppender;
 
@@ -124,33 +124,36 @@ static BOOL WLog_BinaryAppender_WriteMessage(wLog* log, wLogAppender* appender,
 	if (!fp)
 		return FALSE;
 
-	FileNameLength = (int) strlen(message->FileName);
-	FunctionNameLength = (int) strlen(message->FunctionName);
-	TextStringLength = (int) strlen(message->TextString);
+	FileNameLength = strnlen(message->FileName, UINT32_MAX);
+	FunctionNameLength = strnlen(message->FunctionName, UINT32_MAX);
+	TextStringLength = strnlen(message->TextString, UINT32_MAX);
 
 	MessageLength = 16 +
 			(4 + FileNameLength + 1) +
 			(4 + FunctionNameLength + 1) +
 			(4 + TextStringLength + 1);
 
+	if ((MessageLength > UINT32_MAX) || (FileNameLength > UINT32_MAX) || (FunctionNameLength > UINT32_MAX) || (TextStringLength > UINT32_MAX))
+		return FALSE;
+
 	s = Stream_New(NULL, MessageLength);
 	if (!s)
 		return FALSE;
 
-	Stream_Write_UINT32(s, MessageLength);
+	Stream_Write_UINT32(s, (UINT32)MessageLength);
 
 	Stream_Write_UINT32(s, message->Type);
 	Stream_Write_UINT32(s, message->Level);
 
 	Stream_Write_UINT32(s, message->LineNumber);
 
-	Stream_Write_UINT32(s, FileNameLength);
+	Stream_Write_UINT32(s, (UINT32)FileNameLength);
 	Stream_Write(s, message->FileName, FileNameLength + 1);
 
-	Stream_Write_UINT32(s, FunctionNameLength);
+	Stream_Write_UINT32(s, (UINT32)FunctionNameLength);
 	Stream_Write(s, message->FunctionName, FunctionNameLength + 1);
 
-	Stream_Write_UINT32(s, TextStringLength);
+	Stream_Write_UINT32(s, (UINT32)TextStringLength);
 	Stream_Write(s, message->TextString, TextStringLength + 1);
 
 	Stream_SealLength(s);
@@ -177,7 +180,8 @@ static BOOL WLog_BinaryAppender_Set(wLogAppender* appender, const char *setting,
 {
 	wLogBinaryAppender *binaryAppender = (wLogBinaryAppender *) appender;
 
-	if (!value || !strlen(value))
+	/* Just check if the value string is longer than 0 */
+	if (!value || (strnlen(value, 2) == 0))
 		return FALSE;
 
 	if (!strcmp("outputfilename", setting))

winpr/libwinpr/utils/wlog/ConsoleAppender.c

@@ -214,7 +214,8 @@ static BOOL WLog_ConsoleAppender_Set(wLogAppender* appender, const char *setting
 {
 	wLogConsoleAppender *consoleAppender = (wLogConsoleAppender *)appender;
 
-	if (!value || !strlen(value))
+	/* Just check the value string is not empty */
+	if (!value || (strnlen(value, 2) == 0))
 		return FALSE;
 
 	if (strcmp("outputstream", setting))

winpr/libwinpr/utils/wlog/FileAppender.c

@@ -192,7 +192,8 @@ static BOOL WLog_FileAppender_Set(wLogAppender* appender, const char* setting, v
 {
 	wLogFileAppender* fileAppender = (wLogFileAppender*) appender;
 
-	if (!value || !strlen(value))
+	/* Just check the value string is not empty */
+	if (!value || (strnlen(value, 2) == 0))
 		return FALSE;
 
 	if (!strcmp("outputfilename", setting))

winpr/libwinpr/utils/wlog/JournaldAppender.c

@@ -140,7 +140,8 @@ static BOOL WLog_JournaldAppender_Set(wLogAppender* appender, const char *settin
 {
 	wLogJournaldAppender* journaldAppender = (wLogJournaldAppender *)appender;
 
-	if (!value || !strlen(value))
+	/* Just check the value string is not empty */
+	if (!value || (strnlen(value, 2) == 0))
 		return FALSE;
 
 	if (strcmp("identifier", setting))

winpr/libwinpr/utils/wlog/UdpAppender.c

@@ -104,9 +104,9 @@ static BOOL WLog_UdpAppender_WriteMessage(wLog* log, wLogAppender* appender, wLo
 	udpAppender = (wLogUdpAppender*)appender;
 	message->PrefixString = prefix;
 	WLog_Layout_GetMessagePrefix(log, appender->Layout, message);
-	_sendto(udpAppender->sock, message->PrefixString, strlen(message->PrefixString),
+	_sendto(udpAppender->sock, message->PrefixString, (int)strnlen(message->PrefixString, INT_MAX),
 	        0, &udpAppender->targetAddr, udpAppender->targetAddrLen);
-	_sendto(udpAppender->sock, message->TextString, strlen(message->TextString),
+	_sendto(udpAppender->sock, message->TextString, (int)strnlen(message->TextString, INT_MAX),
 	        0, &udpAppender->targetAddr, udpAppender->targetAddrLen);
 	_sendto(udpAppender->sock, "\n", 1, 0, &udpAppender->targetAddr, udpAppender->targetAddrLen);
 	return TRUE;
@@ -132,12 +132,14 @@ static BOOL WLog_UdpAppender_WriteImageMessage(wLog* log, wLogAppender* appender
 
 static BOOL WLog_UdpAppender_Set(wLogAppender* appender, const char* setting, void* value)
 {
+	const char target[] = "target";
 	wLogUdpAppender* udpAppender = (wLogUdpAppender*)appender;
 
-	if (!value || !strlen(value))
+	/* Just check the value string is not empty */
+	if (!value || (strnlen(value, 2) == 0))
 		return FALSE;
 
-	if (strcmp("target", setting))
+	if (strncmp(target, setting, sizeof(target)))
 		return FALSE;
 
 	udpAppender->targetAddrLen = 0;