My patch is not fine (because of the switch case error I introduced). What I meant is that _tcscpy() is only dangerous if either the source buffer is not 0 terminated, or the source buffer is 0 terminated but the destination buffer is too small.
After further inspection of the original code, I believe it only runs _tcscpy() on 0 terminated source buffers, and correctly takes care of allocating destination buffers big enough so that they cannot be overrun.
That's why I believe the original code is ok and does not need to be patched.
My patch is not fine (because of the switch case error I introduced). What I meant is that _tcscpy() is only dangerous if either the source buffer is not 0 terminated, or the source buffer is 0 terminated but the destination buffer is too small.
After further inspection of the original code, I believe it only runs _tcscpy() on 0 terminated source buffers, and correctly takes care of allocating destination buffers big enough so that they cannot be overrun.
That's why I believe the original code is ok and does not need to be patched.