From cd4748fb25007329f01ce7bd097b862f1849c580 Mon Sep 17 00:00:00 2001
From: Lev Stipakov <lev@openvpn.net>
Date: Wed, 2 Feb 2022 19:34:28 +0200
Subject: [PATCH] wcstok: use security-enhanced version

Replace old wcstok signature with security-enhanced
version, which stores position information between calls in
"context" parameter instead of internal per-thread context.

This allows to get rid of _CRT_NON_CONFORMING_WCSTOK
define in CMakeLists.txt

Reported-by: Kai Schtrom

Signed-off-by: Lev Stipakov <lev@openvpn.net>
---
 CMakeLists.txt | 3 +--
 as.c           | 5 +++--
 proxy.c        | 5 +++--
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 75705fb..d263f29 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -67,5 +67,4 @@ target_compile_definitions(${PROJECT_NAME} PRIVATE
     _UNICODE
     UNICODE
     WIN32_LEAN_AND_MEAN
-    HAVE_CONFIG_H
-    _CRT_NON_CONFORMING_WCSTOK)
+    HAVE_CONFIG_H)
diff --git a/as.c b/as.c
index 4fb9d8b..75556dc 100644
--- a/as.c
+++ b/as.c
@@ -77,7 +77,8 @@ ExtractProfileName(const WCHAR *profile, const WCHAR *default_name, WCHAR *out_n
     WCHAR *buf = _wcsdup(profile);
 
     WCHAR *pch = NULL;
-    pch = wcstok(buf, L"\r\n");
+    WCHAR *ctx = NULL;
+    pch = wcstok_s(buf, L"\r\n", &ctx);
 
     while (pch != NULL) {
         if (wcsbegins(pch, PROFILE_NAME_TOKEN)) {
@@ -89,7 +90,7 @@ ExtractProfileName(const WCHAR *profile, const WCHAR *default_name, WCHAR *out_n
             friendly_name[PROFILE_NAME_LEN - 1] = L'\0';
         }
 
-        pch = wcstok(NULL, L"\r\n");
+        pch = wcstok_s(NULL, L"\r\n", &ctx);
     }
 
     /* we use .ovpn here, but extension could be customized */
diff --git a/proxy.c b/proxy.c
index 7a51d6c..a022a24 100644
--- a/proxy.c
+++ b/proxy.c
@@ -475,7 +475,8 @@ ParseProxyString(LPWSTR proxy_str, url_scheme scheme,
         return;
 
     LPCWSTR delim = L"; ";
-    LPWSTR token = wcstok(proxy_str, delim);
+    LPWSTR ctx = NULL;
+    LPWSTR token = wcstok_s(proxy_str, delim, &ctx);
 
     LPCWSTR scheme_str = UrlSchemeStr(scheme);
     LPCWSTR socks_str = UrlSchemeStr(SOCKS_URL);
@@ -545,7 +546,7 @@ ParseProxyString(LPWSTR proxy_str, url_scheme scheme,
 
             break;
         }
-        token = wcstok(NULL, delim);
+        token = wcstok_s(NULL, delim, &ctx);
     }
 }