"Tomasz Jezierski - Tefnet" developers@tefnet.pl wrote:

• strcpyW(wfileName, sei_tmp.lpFile);
  

•       StrCpyNW(wfileName, sei_tmp.lpFile,sizeof(wfileName));
  

  } } else

• strcpyW(wfileName, sei_tmp.lpFile);

•   StrCpyNW(wfileName, sei_tmp.lpFile,sizeof(wfileName));
  

Your patch doesn't make the code more secure than it is now. StrCpyNW takes number of characters, not bytes. And since it's just a wrapper around lstrcpynW it's better to use the latter one instead.