Fix compiler warnings and improve code quality

- Replace unsafe strcpy with strcpy_s for better security - Fix DLL binding issues by adding PRIVATEBIN_API macros - Add explicit type casts to resolve size conversion warnings - Replace unsafe getenv with _dupenv_s for better security - Add PRIVATEBINAPI_EXPORTS definition in CMakeLists.txt - Improve CMake configuration for better build compatibility
2025-08-28 21:25:25 +02:00
parent b97d9f2d7f
commit cd7e957692
5 changed files with 24 additions and 18 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -40,6 +40,9 @@ set(HEADERS
 # Create the shared library
 add_library(privatebinapi SHARED ${SOURCES} ${HEADERS})

+# Define PRIVATEBINAPI_EXPORTS for the library build
+target_compile_definitions(privatebinapi PRIVATE PRIVATEBINAPI_EXPORTS)
+
 # Include directories
 target_include_directories(privatebinapi PUBLIC 
    ${CMAKE_CURRENT_SOURCE_DIR}/include
@@ -110,4 +113,4 @@ if(ENABLE_LLVM_COVERAGE)
        WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
        DEPENDS privatebinapi
    )
-endif()
+endif()
--- a/src/base58.cpp
+++ b/src/base58.cpp
@@ -16,7 +16,7 @@ std::string Base58::encode(const std::vector<unsigned char>& data) {
    }
    
    // Convert to base58
-    std::vector<unsigned char> digits((data.size() - leading_zeros) * 138 / 100 + 1);
+    std::vector<unsigned char> digits(static_cast<size_t>((data.size() - leading_zeros) * 138 / 100 + 1));
    size_t digitslen = 1;
    
    for (size_t i = leading_zeros; i < data.size(); i++) {
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -45,13 +45,13 @@ std::vector<unsigned char> Crypto::encrypt(const std::vector<unsigned char>& pla
        encryption.EncryptAndAuthenticate(
            ciphertext.data(), 
            auth_tag.data(),
-            auth_tag.size(),
+            static_cast<int>(auth_tag.size()),
            iv.data(), 
-            iv.size(),
+            static_cast<int>(iv.size()),
            nullptr, 
            0,  // Additional authenticated data
            plaintext.data(), 
-            plaintext.size()
+            static_cast<int>(plaintext.size())
        );
        
        return ciphertext;
@@ -79,13 +79,13 @@ std::vector<unsigned char> Crypto::decrypt(const std::vector<unsigned char>& cip
        bool valid = decryption.DecryptAndVerify(
            plaintext.data(),
            auth_tag.data(),
-            auth_tag.size(),
+            static_cast<int>(auth_tag.size()),
            iv.data(),
-            iv.size(),
+            static_cast<int>(iv.size()),
            nullptr,
            0,  // Additional authenticated data
            ciphertext.data(),
-            ciphertext.size()
+            static_cast<int>(ciphertext.size())
        );
        
        if(!valid) {
--- a/src/privatebinapi.cpp
+++ b/src/privatebinapi.cpp
@@ -26,14 +26,14 @@ static void copy_string_to_output(const std::string& source, char** destination)
    if (destination) {
        *destination = static_cast<char*>(malloc(source.length() + 1));
        if (*destination) {
-            std::strcpy(*destination, source.c_str());
+            strcpy_s(*destination, source.length() + 1, source.c_str());
        }
    }
 }

 extern "C" {

-int create_paste(const char* server_url, const char* content, 
+PRIVATEBIN_API int create_paste(const char* server_url, const char* content, 
                 const char* password, const char* expiration,
                 const char* format, int burn_after_reading, 
                 int open_discussion, char** paste_url, 
@@ -128,10 +128,10 @@ int create_paste(const char* server_url, const char* content,
    }
 }

-int upload_file(const char* server_url, const char* file_path,
-                const char* password, const char* expiration,
-                int burn_after_reading, int open_discussion,
-                char** paste_url, char** delete_token) {
+PRIVATEBIN_API int upload_file(const char* server_url, const char* file_path,
+               const char* password, const char* expiration,
+               int burn_after_reading, int open_discussion,
+               char** paste_url, char** delete_token) {
    
    if (!server_url || !file_path) {
        return ERROR_INVALID_INPUT;
@@ -248,7 +248,7 @@ int upload_file(const char* server_url, const char* file_path,
    }
 }

-int get_paste(const char* server_url, const char* paste_id, 
+PRIVATEBIN_API int get_paste(const char* server_url, const char* paste_id, 
              const char* key, char** content) {
    
    if (!server_url || !paste_id || !key || !content) {
@@ -305,7 +305,7 @@ int get_paste(const char* server_url, const char* paste_id,
    }
 }

-int delete_paste(const char* server_url, const char* paste_id, 
+PRIVATEBIN_API int delete_paste(const char* server_url, const char* paste_id, 
                 const char* delete_token) {
    
    if (!server_url || !paste_id || !delete_token) {
@@ -347,7 +347,7 @@ int delete_paste(const char* server_url, const char* paste_id,
    }
 }

-void free_string(char* str) {
+PRIVATEBIN_API void free_string(char* str) {
    if (str) {
        free(str);
    }
--- a/tests/test_basic.cpp
+++ b/tests/test_basic.cpp
@@ -21,9 +21,12 @@ static bool extract_paste_id_and_key(const std::string& full_url, std::string& p
 }

 int main() {
-    const char* it = std::getenv("PRIVATEBIN_IT");
+    char* it = nullptr;
+    size_t len = 0;
+    _dupenv_s(&it, &len, "PRIVATEBIN_IT");
    if (!it || std::string(it) == "0") {
        std::cout << "[test] PRIVATEBIN_IT not set; skipping integration test." << std::endl;
+        free(it);
        return 0; // treat as success when integration testing is disabled
    }