[librpsecure] integrity_level.c: Don't use _sntprintf() for the integ…

…rity level. This breaks in some cases (MSVC 2013) due to linking to the static CRT in svrplus in release builds.
GerbilSoft · Mar 14, 2020 · 13cbdf4 · 13cbdf4
1 parent 4e68ea1
commit 13cbdf4
Showing 1 changed file with 24 additions and 3 deletions.
diff --git a/src/librpsecure/win32/integrity_level.c b/src/librpsecure/win32/integrity_level.c
@@ -15,7 +15,6 @@
 #include <assert.h>
 #include <errno.h>
 #include <malloc.h>
-#include <stdio.h>
 #include <stdlib.h>
 
 // Windows includes.
@@ -67,13 +66,35 @@ static DWORD adjustTokenIntegrityLevel(HANDLE hToken, int level)
 	PSID pIntegritySid = NULL;
 	TOKEN_MANDATORY_LABEL tml;
 	DWORD dwLastError;
-	TCHAR szIntegritySid[20];
+	TCHAR szIntegritySid[20] = _T("S-1-16-");
 
 	// TODO: Verify the integrity level value?
 	if (level < 0) {
 		return ERROR_INVALID_PARAMETER;
 	}
-	_sntprintf(szIntegritySid, _countof(szIntegritySid), _T("S-1-16-%d"), level);
+
+	// NOTE: We can't use _sntprintf() here because that's a libc function,
+	// and we can't link to libc because of static vs. DLL CRT issues when
+	// linking to svrplus release builds.
+	if (level == 0) {
+		szIntegritySid[7] = '0';
+		szIntegritySid[8] = '\0';
+	} else {
+		TCHAR tmpbuf[16];
+		TCHAR *p = tmpbuf;
+		TCHAR *q = &szIntegritySid[7];
+
+		while (level > 0) {
+			*p++ = _T('0') + (level % 10);
+			level /= 10;
+		}
+		*p = '\0';
+		p--;
+		for (; p >= tmpbuf; p--) {
+			*q++ = *p;
+		}
+		*q = '\0';
+	}
 
 	// Based on Chromium's SetTokenIntegrityLevel().
 	if (!ConvertStringSidToSid(szIntegritySid, &pIntegritySid)) {