"Tomasz Jezierski - Tefnet" <[EMAIL PROTECTED]> wrote: > - strcpyW(wfileName, sei_tmp.lpFile); > + StrCpyNW(wfileName, sei_tmp.lpFile,sizeof(wfileName)); > } > } else > - strcpyW(wfileName, sei_tmp.lpFile); > + StrCpyNW(wfileName, sei_tmp.lpFile,sizeof(wfileName));
Your patch doesn't make the code more secure than it is now. StrCpyNW takes number of characters, not bytes. And since it's just a wrapper around lstrcpynW it's better to use the latter one instead. -- Dmitry.