Bugfix

src/Common/BaseCom.cpp

@@ -27,7 +27,10 @@ HRESULT CreateElevatedComObject (HWND hwnd, REFGUID guid, REFIID iid, void **ppv
     WCHAR clsid[1024];
     BIND_OPTS3 bo;
 
-    StringFromGUID2 (guid, clsid, sizeof (clsid) / 2);
+	if (!StringFromGUID2(guid, clsid, sizeof(clsid) / 2))
+	{
+		return E_OUTOFMEMORY;
+	}
 	swprintf_s (monikerName, sizeof (monikerName) / 2, L"Elevation:Administrator!new:%s", clsid);
 
     memset (&bo, 0, sizeof (bo));
@@ -168,7 +171,6 @@ DWORD BaseCom::GetFileSize (BSTR filePath, unsigned __int64 *pSize)
 
 	try
 	{
-		std::wstring path (filePath);
 		File file(filePath, true);
 		file.CheckOpened (SRC_POS);
 		file.GetFileSize (*pSize);

src/Common/BootEncryption.cpp

@@ -1283,7 +1283,7 @@ namespace VeraCrypt
 
 				// Convert absolute path to relative to the Windows directory
 				driverPath = pathBuf;
-				driverPath = driverPath.substr (driverPath.rfind (L"\\", driverPath.rfind (L"\\", driverPath.rfind (L"\\") - 1) - 1) + 1);
+				driverPath = driverPath.substr (driverPath.rfind (L'\\', driverPath.rfind (L'\\', driverPath.rfind(L'\\') - 1) - 1) + 1);
 			}
 		}
 
@@ -4511,9 +4511,10 @@ namespace VeraCrypt
 			device.Read (bootLoaderBuf, sizeof (bootLoaderBuf));
 
 			// Prevent TrueCrypt loader from being backed up
-			for (size_t i = 0; i < sizeof (bootLoaderBuf) - strlen (TC_APP_NAME); ++i)
+			size_t lenAppName = strlen(TC_APP_NAME);
+			for (size_t i = 0; i < sizeof (bootLoaderBuf) - lenAppName; ++i)
 			{
-				if (memcmp (bootLoaderBuf + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0)
+				if (memcmp (bootLoaderBuf + i, TC_APP_NAME, lenAppName) == 0)
 				{
 					if (AskWarnNoYes ("TC_BOOT_LOADER_ALREADY_INSTALLED", ParentWindow) == IDNO)
 						throw UserAbort (SRC_POS);
@@ -4696,17 +4697,19 @@ namespace VeraCrypt
 		if (mszDest && input)
 		{
 			DWORD offset, remainingSize = dwDestSize;
+			DWORD str_input = strlen(input);
+			DWORD str_mszDest = strlen(mszDest);
 			while (*mszDest)
 			{
 				if (_stricmp (mszDest, input) == 0)
 				{
-					offset = (DWORD) strlen (input) + 1;
+					offset = str_input + 1;
 					memmove (mszDest, mszDest + offset, remainingSize - offset);
 					dwDestSize -= offset;
 					bRet = true;
 					break;
 				}
-				offset = (DWORD) strlen (mszDest) + 1;
+				offset = str_mszDest + 1;
 				mszDest += offset;
 				remainingSize -= offset;
 			}
@@ -5421,11 +5424,8 @@ namespace VeraCrypt
 		}
 
 		// Change the PKCS-5 PRF if requested by user
-		if (pkcs5 != 0)
-		{
-			cryptoInfo->pkcs5 = pkcs5;
-			RandSetHashFunction (pkcs5);
-		}
+		cryptoInfo->pkcs5 = pkcs5;
+		RandSetHashFunction (pkcs5);
 
 		if (Randinit() != 0)
 		{

src/Common/Dlgcode.c

@@ -8031,13 +8031,14 @@ BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPA
 			// Determine the number of newlines contained in the message text
 			{
 				int64 offset = -1;
+				int str_len = wcslen(L"\n");
 
 				do
 				{
 					offset = FindString ((char *) (bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1)), 
 						(char *) L"\n",
 						nMainTextLenInChars * 2, 
-						(int) wcslen (L"\n") * 2, 
+						str_len * 2,
 						offset + 1);
 
 					newLineSeqCount++;
@@ -14552,10 +14553,14 @@ static bool RunAsDesktopUser(
 			goto cleanup;
 		}
 
-		AdjustTokenPrivileges(hThreadToken, FALSE, &tkp, 0, NULL, NULL);
-		dwLastErr = GetLastError();
-		if (ERROR_SUCCESS != dwLastErr)
+		if (!AdjustTokenPrivileges(hThreadToken, FALSE, &tkp, 0, NULL, NULL))
 		{
+			dwLastErr = GetLastError();
+			goto cleanup;
+		}
+		if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
+		{
+			dwLastErr = ERROR_NOT_ALL_ASSIGNED;
 			goto cleanup;
 		}
 	}
@@ -14638,7 +14643,7 @@ static bool RunAsDesktopUser(
 	if (hThreadToken) CloseHandle(hThreadToken);
 
 	if (!RevertToSelf())
-	return false;
+		return false;
 
 	if (!retval)
 		SetLastError (dwLastErr);
@@ -15263,7 +15268,7 @@ void PasswordEditDropTarget::GotLeave(void)
 DWORD PasswordEditDropTarget::GotEnter(void)
 {
 	TCHAR szClassName[64];
-	DWORD dwStyles;
+	LONG_PTR dwStyles;
 	int maxLen;
 	HWND hChild = WindowFromPoint (m_DropPoint);
 	// check that we are on password edit control (we use maximum length to correctly identify password fields since they don't always have ES_PASSWORD style (if the the user checked show password)
@@ -15668,4 +15673,4 @@ bool OneOfKBsInstalled (const wchar_t* szKBs[], int count)
 
 	return bRet;
 }
-#endif // VC_COMREG
+#endif // VC_COMREG

src/Common/Xml.c

@@ -93,9 +93,11 @@ char *XmlGetAttributeText (char *xmlNode, const char *xmlAttrName, char *xmlAttr
 	e = strchr (e, '>');
 	if (e == NULL) return NULL;
 
+	size_t len_xmlAttrName = strlen(xmlAttrName);
+
 	while ((t = strstr (t, xmlAttrName)) && t < e)
 	{
-		char *o = t + strlen (xmlAttrName);
+		char *o = t + len_xmlAttrName;
 		if (t[-1] == ' '
 			&&
 			(BeginsWith (o, "=\"")

src/Format/Tcformat.c

@@ -1515,7 +1515,9 @@ static void VerifySizeAndUpdate (HWND hwndDlg, BOOL bUpdate)
 
 	GetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTmp, ARRAYSIZE (szTmp));
 
-	for (i = 0; i < (__int64) wcslen (szTmp); i++)
+	__int64 len_szTmp = wcslen(szTmp);
+
+	for (i = 0; i < len_szTmp; i++)
 	{
 		if (szTmp[i] >= L'0' && szTmp[i] <= L'9')
 			continue;