Static Code Analysis: Avoid over-flaw in arithmetic operations by adding more checks. Add extra checks. Solve various issues.

src/Format/InPlace.c

@@ -21,6 +21,7 @@ IMPORTANT: Due to this issue, functions in this file must not directly interact
 #include <stdlib.h>
 #include <string.h>
 #include <string>
+#include <intsafe.h>
 
 #include "Tcdefs.h"
 #include "Platform/Finally.h"
@@ -71,6 +72,17 @@ static __int64 NewFileSysSizeAfterShrink (HANDLE dev, const char *devicePath, in
 		return -1;
 	}
 
+	if (	(ntfsVolData.NumberSectors.QuadPart <= 0)
+		||	(ntfsVolData.NumberSectors.QuadPart > (INT64_MAX / (__int64) ntfsVolData.BytesPerSector)) // overflow test
+		)
+	{
+		SetLastError (ERROR_INTERNAL_ERROR);
+		if (!silent)
+			handleWin32Error (MainDlg);
+
+		return -1;
+	}	
+
 	fileSysSize = ntfsVolData.NumberSectors.QuadPart * ntfsVolData.BytesPerSector;
 
 	desiredNbrSectors = (fileSysSize - TC_TOTAL_VOLUME_HEADERS_SIZE) / ntfsVolData.BytesPerSector;

src/Format/Tcformat.c

@@ -2537,13 +2537,12 @@ static void __cdecl volTransformThreadFunction (void *hwndDlgArg)
 			if (!bInPlaceEncNonSys)
 				SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL);
 
-			if (volParams != NULL)
-			{
-				burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS));
-				VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS));
-				free ((LPVOID) volParams);
-				volParams = NULL;
-			}
+
+			// volParams is ensured to be non NULL at this stage
+			burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS));
+			VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS));
+			free ((LPVOID) volParams);
+			volParams = NULL;
 
 			bVolTransformThreadRunning = FALSE;
 			bVolTransformThreadCancel = FALSE;
@@ -9027,6 +9026,7 @@ int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, char *lpszComm
 	DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_VOL_CREATION_WIZARD_DLG), NULL, (DLGPROC) MainDialogProc, 
 		(LPARAM)lpszCommandLine);
 
+	FinalizeApp ();
 	return 0;
 }