9 files changed, 111 insertions, 132 deletions
diff --git a/plugins/CryptoPP/src/base16.cpp b/plugins/CryptoPP/src/base16.cpp
index 700cec8502..d28daf99a3 100644
--- a/plugins/CryptoPP/src/base16.cpp
+++ b/plugins/CryptoPP/src/base16.cpp
@@ -20,8 +20,8 @@ char *base16encode(const char *inBuffer, int count) {
 
 char *base16decode(const char *inBuffer, unsigned int *count) {
 
-	char *outBuffer = (char *) malloc(*count);
-	BYTE *outBufferPtr = (BYTE *) outBuffer;
+	char *outBuffer = (char *)mir_alloc(*count);
+	BYTE *outBufferPtr = (BYTE *)outBuffer;
 	bool big_endian = false;
 
 	if (*inBuffer == '0' && *(inBuffer+1) == 'x') {
diff --git a/plugins/CryptoPP/src/cpp_cntx.cpp b/plugins/CryptoPP/src/cpp_cntx.cpp
index f0f1c2d96b..54a4d88bed 100644
--- a/plugins/CryptoPP/src/cpp_cntx.cpp
+++ b/plugins/CryptoPP/src/cpp_cntx.cpp
@@ -70,7 +70,7 @@ PBYTE cpp_alloc_pdata(pCNTX ptr) {
 // free memory from keys
 void cpp_free_keys(pCNTX ptr) {
 
-	SAFE_FREE(ptr->tmp);
+	replaceStr(ptr->tmp, 0);
 	cpp_alloc_pdata(ptr);
 	if ( ptr->mode & MODE_PGP ) {
 		pPGPDATA p = (pPGPDATA) ptr->pdata;
@@ -93,7 +93,7 @@ void cpp_free_keys(pCNTX ptr) {
 		pSIMDATA p = (pSIMDATA) ptr->pdata;
 		SAFE_FREE(p->PubA);
 		SAFE_FREE(p->KeyA);
-		SAFE_FREE(p->KeyB);
+		mir_free(p->KeyB);
 		SAFE_FREE(p->KeyX);
 		SAFE_FREE(p->KeyP);
 		SAFE_DELETE(p->dh);
diff --git a/plugins/CryptoPP/src/cpp_gpgw.cpp b/plugins/CryptoPP/src/cpp_gpgw.cpp
index ff62e0104d..3336b825df 100644
--- a/plugins/CryptoPP/src/cpp_gpgw.cpp
+++ b/plugins/CryptoPP/src/cpp_gpgw.cpp
@@ -68,17 +68,18 @@ LPSTR __cdecl gpg_get_error()
 
 LPSTR __cdecl gpg_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 {
-   	ptr->error = ERROR_NONE;
+	ptr->error = ERROR_NONE;
 	pGPGDATA p = (pGPGDATA) ptr->pdata;
-	SAFE_FREE(ptr->tmp);
 
 	LPSTR szEncMsg;
 	szEncMsg = _gpg_encrypt(szPlainMsg,(LPCSTR)p->gpgKeyID);
-	if (!szEncMsg) return 0;
+	if (!szEncMsg) {
+		replaceStr(ptr->tmp, 0);
+		return 0;
+	}
 
-	ptr->tmp = (LPSTR)_strdup(szEncMsg);
+	replaceStr(ptr->tmp, mir_strdup(szEncMsg));
 	LocalFree((LPVOID)szEncMsg);
-
 	return ptr->tmp;
 }
 
@@ -86,17 +87,9 @@ LPSTR __cdecl gpg_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 LPSTR __cdecl gpg_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 {
     ptr->error = ERROR_NONE;
-    SAFE_FREE(ptr->tmp);
 
     LPSTR szPlainMsg = _gpg_decrypt(szEncMsg);
-/*	if (!szPlainMsg) {
-	    ptr = get_context_on_id(hPGPPRIV); // find private pgp keys
-    	if (ptr && ptr->pgpKey)
-			szPlainMsg = _gpg_decrypt_key(szEncMsg,(LPCSTR)ptr->pgpKey);
-		if (!szPlainMsg) return NULL;
-    }*/
-
-    ptr->tmp = (LPSTR)_strdup(szPlainMsg);
+    replaceStr(ptr->tmp, mir_strdup(szPlainMsg));
     LocalFree((LPVOID)szPlainMsg);
 
     return ptr->tmp;
@@ -143,8 +136,7 @@ LPSTR __cdecl gpg_decode(HANDLE context, LPCSTR szEncMsg)
 			szNewMsg = _strdup(szOldMsg);
 		}
 	}
-	SAFE_FREE(ptr->tmp);
-	ptr->tmp = szNewMsg;
+	replaceStr(ptr->tmp, szNewMsg);
 	return szNewMsg;
 }
 
diff --git a/plugins/CryptoPP/src/cpp_keys.cpp b/plugins/CryptoPP/src/cpp_keys.cpp
index c1b2d9efb5..990ead35ec 100644
--- a/plugins/CryptoPP/src/cpp_keys.cpp
+++ b/plugins/CryptoPP/src/cpp_keys.cpp
@@ -57,11 +57,10 @@ LPSTR __cdecl cpp_init_keya(HANDLE context, int features) {
 	}
 	memcpy((PVOID)&publ1[KEYSIZE],(PVOID)&send_features,2);
 
-	SAFE_FREE(ptr->tmp);
 	if (ptr->mode & MODE_BASE64 || features & FEATURES_NEWPG)
-		ptr->tmp = mir_base64_encode(publ1,KEYSIZE+2);
+		replaceStr(ptr->tmp, mir_base64_encode(publ1,KEYSIZE+2));
 	else
-		ptr->tmp = base16encode((LPSTR)&publ1,KEYSIZE+2);
+		replaceStr(ptr->tmp, base16encode((LPSTR)&publ1,KEYSIZE+2));
 
 	return ptr->tmp;
 }
@@ -79,7 +78,7 @@ int __cdecl cpp_init_keyb(HANDLE context, LPCSTR key) {
 	LPSTR pub_binary;
 	if ((clen==KEYSIZE*2) || (clen==(KEYSIZE+2)*2))
 		pub_binary = base16decode(key,&clen);
-	else 
+	else
 		pub_binary = (LPSTR)mir_base64_decode(key,&clen);
 
 	if ( !pub_binary || (clen!=KEYSIZE && clen!=KEYSIZE+2) ) {
@@ -87,7 +86,7 @@ int __cdecl cpp_init_keyb(HANDLE context, LPCSTR key) {
 		Sent_NetLog("cpp_init_keyb: error bad_keyb");
 #endif
 		ptr->error = ERROR_BAD_KEYB;
-		SAFE_FREE(pub_binary);
+		mir_free(pub_binary);
 		return 0;
 	}
 
@@ -121,14 +120,14 @@ int __cdecl cpp_init_keyb(HANDLE context, LPCSTR key) {
 		}
 	}
 
-	SAFE_FREE(p->KeyB);
+	mir_free(p->KeyB);
 	p->KeyB = (PBYTE) pub_binary;
 
 	if (p->PubA && memcmp(p->PubA,p->KeyB,KEYSIZE)==0) {
 #if defined(_DEBUG) || defined(NETLIB_LOG)
 		Sent_NetLog("cpp_init_keyb: error bad_keyb keya==keyb");
 #endif
-		SAFE_FREE(p->KeyB);
+		mir_free(p->KeyB);
 		ptr->error = ERROR_BAD_KEYB;
 		return 0;
 	}
@@ -156,8 +155,7 @@ int __cdecl cpp_calc_keyx(HANDLE context) {
 		// not needed anymore
 		SAFE_FREE(p->PubA);
 		SAFE_FREE(p->KeyA);
-		SAFE_FREE(p->KeyB);
-//		SAFE_DELETE(p->dh);
+		mir_free(p->KeyB); p->KeyB = 0;
 
 		BYTE buffer[Tiger::DIGESTSIZE]; // buffer for hash
 		memset(buffer,0,sizeof(buffer));
diff --git a/plugins/CryptoPP/src/cpp_misc.cpp b/plugins/CryptoPP/src/cpp_misc.cpp
index 28d89f7cde..77de159fcb 100644
--- a/plugins/CryptoPP/src/cpp_misc.cpp
+++ b/plugins/CryptoPP/src/cpp_misc.cpp
@@ -43,7 +43,7 @@ void __cdecl cpp_set_keyx(HANDLE context, BYTE *key) {
     pCNTX ptr; pSIMDATA p; if (!cpp_get_simdata(context,&ptr,&p)) return;
     SAFE_FREE(p->PubA);
     SAFE_FREE(p->KeyA);
-    SAFE_FREE(p->KeyB);
+	 mir_free(p->KeyB); p->KeyB = 0;
     SAFE_FREE(p->KeyX);
     p->KeyX = (PBYTE) malloc(Tiger::DIGESTSIZE+2);
     memcpy(p->KeyX,key,Tiger::DIGESTSIZE);
diff --git a/plugins/CryptoPP/src/cpp_pgpw.cpp b/plugins/CryptoPP/src/cpp_pgpw.cpp
index 84349583c7..96a6baece4 100644
--- a/plugins/CryptoPP/src/cpp_pgpw.cpp
+++ b/plugins/CryptoPP/src/cpp_pgpw.cpp
@@ -145,16 +145,18 @@ LPSTR __cdecl pgp_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 {
 	ptr->error = ERROR_NONE;
 	pPGPDATA p = (pPGPDATA) ptr->pdata;
-	SAFE_FREE(ptr->tmp);
 
 	LPSTR szEncMsg;
 	if (p->pgpKey) 
 		szEncMsg = p_pgp_encrypt_key(szPlainMsg,(LPCSTR)p->pgpKey);
 	else
 		szEncMsg = p_pgp_encrypt_keydb(szPlainMsg,p->pgpKeyID);
-	if (!szEncMsg) return 0;
+	if (!szEncMsg) {
+		replaceStr(ptr->tmp, NULL);
+		return 0;
+	}
 
-	ptr->tmp = (LPSTR) _strdup(szEncMsg);
+	replaceStr(ptr->tmp, mir_strdup(szEncMsg));
 	LocalFree((LPVOID)szEncMsg);
 
 	return ptr->tmp;
@@ -164,7 +166,6 @@ LPSTR __cdecl pgp_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 LPSTR __cdecl pgp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 {
 	ptr->error = ERROR_NONE;
-	SAFE_FREE(ptr->tmp);
 
 	LPSTR szPlainMsg = p_pgp_decrypt_keydb(szEncMsg);
 	if (!szPlainMsg) {
@@ -174,12 +175,14 @@ LPSTR __cdecl pgp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 			if (p->pgpKey)
 				szPlainMsg = p_pgp_decrypt_key(szEncMsg,(LPCSTR)p->pgpKey);
 		}
-		if (!szPlainMsg) return NULL;
+		if (!szPlainMsg) {
+			replaceStr(ptr->tmp, NULL);
+			return NULL;
+		}
 	}
 
-	ptr->tmp = (LPSTR) _strdup(szPlainMsg);
+	replaceStr(ptr->tmp, mir_strdup(szPlainMsg));
 	LocalFree((LPVOID)szPlainMsg);
-
 	return ptr->tmp;
 }
 
@@ -215,8 +218,7 @@ LPSTR __cdecl pgp_decode(HANDLE context, LPCSTR szEncMsg)
 		}
 		else szNewMsg = _strdup(szOldMsg);
 	}
-	SAFE_FREE(ptr->tmp);
-	ptr->tmp = szNewMsg;
+	replaceStr(ptr->tmp, szNewMsg);
 	return szNewMsg;
 }
 
diff --git a/plugins/CryptoPP/src/cpp_rsam.cpp b/plugins/CryptoPP/src/cpp_rsam.cpp
index 2c0593bbfa..2b2afe5154 100644
--- a/plugins/CryptoPP/src/cpp_rsam.cpp
+++ b/plugins/CryptoPP/src/cpp_rsam.cpp
@@ -139,8 +139,8 @@ int __cdecl rsa_get_keypair(short mode, PBYTE privKey, int* privKeyLen, PBYTE pu
 	pCNTX ptr = get_context_on_id(hRSA4096); if (!ptr) return 0;
 	pRSAPRIV r = (pRSAPRIV) ptr->pdata;
 
-	*privKeyLen = r->priv_k.length(); if ( privKey ) r->priv_k.copy((char*)privKey, *privKeyLen);
-	*pubKeyLen = r->pub_k.length(); if ( pubKey ) r->pub_k.copy((char*)pubKey, *pubKeyLen);
+	*privKeyLen = (int)r->priv_k.length(); if ( privKey ) r->priv_k.copy((char*)privKey, *privKeyLen);
+	*pubKeyLen = (int)r->pub_k.length(); if ( pubKey ) r->pub_k.copy((char*)pubKey, *pubKeyLen);
 
 	return 1;
 }
@@ -153,8 +153,8 @@ int __cdecl rsa_get_keyhash(short mode, PBYTE privKey, int* privKeyLen, PBYTE pu
 	pCNTX ptr = get_context_on_id(hRSA4096); if (!ptr) return 0;
 	pRSAPRIV r = (pRSAPRIV) ptr->pdata;
 
-	if ( privKey ) { *privKeyLen = r->priv_s.length(); r->priv_s.copy((char*)privKey, *privKeyLen); }
-	if ( pubKey ) { *pubKeyLen = r->pub_s.length(); r->pub_s.copy((char*)pubKey, *pubKeyLen); }
+	if ( privKey ) { *privKeyLen = (int)r->priv_s.length(); r->priv_s.copy((char*)privKey, *privKeyLen); }
+	if ( pubKey ) { *pubKeyLen = (int)r->pub_s.length(); r->pub_s.copy((char*)pubKey, *pubKeyLen); }
 
 	return 1;
 }
@@ -202,7 +202,7 @@ int __cdecl rsa_get_pubkey(HANDLE context, PBYTE pubKey, int* pubKeyLen) {
 	pCNTX ptr = get_context_on_id(context);	if (!ptr) return 0;
 	pRSADATA p = (pRSADATA) cpp_alloc_pdata(ptr);
 
-	*pubKeyLen = p->pub_k.length(); if ( pubKey ) p->pub_k.copy((char*)pubKey, *pubKeyLen);
+	*pubKeyLen = (int)p->pub_k.length(); if ( pubKey ) p->pub_k.copy((char*)pubKey, *pubKeyLen);
 
 	return 1;
 }
@@ -249,8 +249,9 @@ int __cdecl rsa_get_hash(PBYTE pubKey, int pubKeyLen, PBYTE pubHash, int* pubHas
 	string sig;
 	sig = ::hash(pubKey, pubKeyLen);
 
-	*pubHashLen = sig.length();
-	if ( pubHash ) sig.copy((char*)pubHash, *pubHashLen);
+	*pubHashLen = (int)sig.length();
+	if (pubHash)
+		sig.copy((char*)pubHash, *pubHashLen);
 
 	return 1;
 }
@@ -413,26 +414,24 @@ LPSTR __cdecl rsa_recv(HANDLE context, LPCSTR msg) {
 
 	case 0x70: // �������� AES ���������, ����������
 	{
-		SAFE_FREE(ptr->tmp);
 		string msg = decode_msg(p,data);
-		if ( msg.length() ) {
-			ptr->tmp = (LPSTR) _strdup(msg.c_str());
-		}
+		if ( msg.length() )
+			replaceStr(ptr->tmp, mir_strdup(msg.c_str()));
 		else {
 			imp->rsa_notify(context,-5); // ������ ������������� AES ���������
+			replaceStr(ptr->tmp, NULL);
 		}
 		return ptr->tmp;
 	} break;
 
 	case 0xE0: // �������� RSA ���������, ����������
 	{
-		SAFE_FREE(ptr->tmp);
 		string msg = decode_rsa(p,r,data);
-		if ( msg.length() ) {
-			ptr->tmp = (LPSTR) _strdup(msg.c_str());
-		}
+		if ( msg.length() )
+			replaceStr(ptr->tmp, mir_strdup(msg.c_str()));
 		else {
 			imp->rsa_notify(context,-6); // ������ ������������� RSA ���������
+			replaceStr(ptr->tmp, NULL);
 		}
 		return ptr->tmp;
 	} break;
@@ -743,7 +742,7 @@ int __cdecl rsa_recv_thread(HANDLE context, string& msg) {
 		int features; string pub;
 		un_tlv(un_tlv(data,t[0],features),t[1],pub);
 		string sig = ::hash(pub);
-		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(),pub.length(),(PBYTE)sig.data(),sig.length()) ) {
+		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(), (int)pub.length(),(PBYTE)sig.data(), (int)sig.length()) ) {
 			p->state=0; p->time=0;
 			null_msg(context,0x00,-type); // ������ ��������� �� ������
 			return 0;
@@ -770,7 +769,7 @@ int __cdecl rsa_recv_thread(HANDLE context, string& msg) {
 		int features; string pub;
 		un_tlv(un_tlv(data,t[0],features),t[1],pub);
 		string sig = ::hash(pub);
-		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(),pub.length(),(PBYTE)sig.data(),sig.length()) ) {
+		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(), (int)pub.length(),(PBYTE)sig.data(), (int)sig.length()) ) {
 			p->state=0; p->time=0;
 			null_msg(context,0x00,-type); // ������ ��������� �� ������
 			return 0;
@@ -790,7 +789,7 @@ int __cdecl rsa_recv_thread(HANDLE context, string& msg) {
 		string pub;
 		un_tlv(data,t[0],pub);
 		string sig = ::hash(pub);
-		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(),pub.length(),(PBYTE)sig.data(),sig.length()) ) {
+		if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(), (int)pub.length(), (PBYTE)sig.data(), (int)sig.length()) ) {
 			p->state=0; p->time=0;
 			null_msg(context,0x00,-type); // ������ ��������� �� ������
 			return 0;
@@ -829,7 +828,7 @@ int __cdecl rsa_recv_thread(HANDLE context, string& msg) {
 		un_tlv(un_tlv(un_tlv(data,t[0],features),t[1],pub),t[2],sha);
 		if ( p->pub_k!=pub ) { // ������ ����� ������
 			string sig = ::hash(pub);
-			if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(),pub.length(),(PBYTE)sig.data(),sig.length()) ) {
+			if ( !imp->rsa_check_pub(context,(PBYTE)pub.data(), (int)pub.length(),(PBYTE)sig.data(), (int)sig.length()) ) {
 				p->state=0; p->time=0;
 				null_msg(context,0x00,-type); // ������ ��������� �� ������
 				return 0;
@@ -993,42 +992,40 @@ int __cdecl rsa_import_keypair(short mode, LPSTR privKey, LPSTR passPhrase) {
 	if ( !passPhrase ) return 0;
 
 	string priv;
-	u_int found;
-
 	priv.assign(privKey);
 	del_delim(priv,crlf);
 
-	found = priv.find(priv_beg);
+	size_t found = priv.find(priv_beg);
 	if ( found != string::npos ) {
-	    priv = priv.substr(found+priv_beg.length());
-	    found = priv.find(priv_end);
-	    if ( found != string::npos ) {
-		priv = base64decode(priv.substr(0,found));
-		TLV k(priv);
-		if ( k.exist(1) && k.exist(2) && ::hash(k.get(1)) == k.get(2) ) {
-		    priv = k.get(1);
-		    
-		    string key = hash256(passPhrase);
-		    string iv = hash256(key);
-
-		    string unciphered;
-		    try {
-			CBC_Mode<AES>::Decryption dec((PBYTE)key.data(),key.length(),(PBYTE)iv.data());
-			StreamTransformationFilter cbcDecryptor(dec,new StringSink(unciphered));
-			cbcDecryptor.Put((PBYTE)priv.data(),priv.length());
-			cbcDecryptor.MessageEnd();
-		    }
-		    catch (...)	{
+		priv = priv.substr(found+priv_beg.length());
+		found = priv.find(priv_end);
+		if ( found != string::npos ) {
+			priv = base64decode(priv.substr(0,found));
+			TLV k(priv);
+			if ( k.exist(1) && k.exist(2) && ::hash(k.get(1)) == k.get(2) ) {
+				priv = k.get(1);
+
+				string key = hash256(passPhrase);
+				string iv = hash256(key);
+
+				string unciphered;
+				try {
+					CBC_Mode<AES>::Decryption dec((PBYTE)key.data(),key.length(),(PBYTE)iv.data());
+					StreamTransformationFilter cbcDecryptor(dec,new StringSink(unciphered));
+					cbcDecryptor.Put((PBYTE)priv.data(),priv.length());
+					cbcDecryptor.MessageEnd();
+				}
+				catch (...)	{
 #if defined(_DEBUG) || defined(NETLIB_LOG)
-			Sent_NetLog("rsa_import_keypair: error bad_passphrase");
+					Sent_NetLog("rsa_import_keypair: error bad_passphrase");
 #endif
-			return 0;
-		    }
+					return 0;
+				}
 
-		    init_priv(r,unciphered);
-		    return 1;
+				init_priv(r,unciphered);
+				return 1;
+			}
 		}
-	    }
 	}
 
 	return 0;
@@ -1063,23 +1060,21 @@ int __cdecl rsa_import_pubkey(HANDLE context, LPSTR pubKey) {
 	if ( !pubKey ) return 0;
 
 	string pub;
-	u_int found;
-
 	pub.assign(pubKey);
 	del_delim(pub,crlf);
 
-	found = pub.find(pub_beg);
+	size_t found = pub.find(pub_beg);
 	if ( found != string::npos ) {
-	    pub = pub.substr(found+pub_beg.length());
-	    found = pub.find(pub_end);
-	    if ( found != string::npos ) {
-		pub = base64decode(pub.substr(0,found));
-		TLV k(pub);
-		if ( k.exist(3) && k.exist(4) && ::hash(k.get(3)) == k.get(4) ) {
-		    init_pub(p,k.get(3));
-		    return 1;
-		}
-	    }	
+		pub = pub.substr(found+pub_beg.length());
+		found = pub.find(pub_end);
+		if ( found != string::npos ) {
+			pub = base64decode(pub.substr(0,found));
+			TLV k(pub);
+			if ( k.exist(3) && k.exist(4) && ::hash(k.get(3)) == k.get(4) ) {
+				init_pub(p,k.get(3));
+				return 1;
+			}
+		}	
 	}	
 	return 0;
 }
diff --git a/plugins/CryptoPP/src/cpp_svcs.cpp b/plugins/CryptoPP/src/cpp_svcs.cpp
index 990ab22f29..07b4030633 100644
--- a/plugins/CryptoPP/src/cpp_svcs.cpp
+++ b/plugins/CryptoPP/src/cpp_svcs.cpp
@@ -47,13 +47,12 @@ LPSTR __cdecl cpp_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 	}
 	if (ptr->features & FEATURES_GZIP)
 		ciphered.insert(0,(LPSTR)&dataflag,1);
-	SAFE_FREE(ptr->tmp);
-
+	
 	clen = (unsigned)ciphered.length();
 	if (ptr->features & FEATURES_BASE64)
-		ptr->tmp = mir_base64_encode((PBYTE)ciphered.data(), clen);
+		replaceStr(ptr->tmp, mir_base64_encode((PBYTE)ciphered.data(), clen));
 	else
-		ptr->tmp = base16encode(ciphered.data(), clen);
+		replaceStr(ptr->tmp, base16encode(ciphered.data(), clen));
 
 	return ptr->tmp;
 }
@@ -62,7 +61,7 @@ LPSTR __cdecl cpp_encrypt(pCNTX ptr, LPCSTR szPlainMsg)
 // decrypt string using KeyX, return decoded string as ASCII or NULL
 LPSTR __cdecl cpp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 {
-	LPSTR ciphered = NULL;
+	ptrA ciphered;
 
 	try {
 		ptr->error = ERROR_SEH;
@@ -86,11 +85,10 @@ LPSTR __cdecl cpp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 			int len = *( WORD* )bciphered;
 			bciphered+=2; clen-=2; // cut CRC32 length
 
-			if (clen - CRC32::DIGESTSIZE < len) { // mesage not full
+			if ((int)clen - CRC32::DIGESTSIZE < len) { // mesage not full
 #if defined(_DEBUG) || defined(NETLIB_LOG)
 				Sent_NetLog("cpp_decrypt: error bad_len");
 #endif
-				free(ciphered);
 				ptr->error = ERROR_BAD_LEN;
 				return NULL;
 			}
@@ -104,12 +102,11 @@ LPSTR __cdecl cpp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 #if defined(_DEBUG) || defined(NETLIB_LOG)
 				Sent_NetLog("cpp_decrypt: error bad_crc");
 #endif
-				free(ciphered);
 				ptr->error = ERROR_BAD_CRC;
 				return NULL;
 			}
-			bciphered+=CRC32::DIGESTSIZE; // cut CRC32 digest
-			clen=len;
+			bciphered += CRC32::DIGESTSIZE; // cut CRC32 digest
+			clen = len;
 		}
 
 		string unciphered;
@@ -120,15 +117,13 @@ LPSTR __cdecl cpp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 		cbcDecryptor.Put((PBYTE)bciphered,clen);
 		cbcDecryptor.MessageEnd();
 
-		free(ciphered);
-		SAFE_FREE(ptr->tmp);
-
 		if (dataflag & DATA_GZIP) {
 			size_t clen2 = clen;
-			ptr->tmp = (LPSTR) cpp_gunzip((PBYTE)unciphered.data(),unciphered.length(),clen2);
-			ptr->tmp[clen2] = 0;
+			LPSTR res = (LPSTR)cpp_gunzip((PBYTE)unciphered.data(),unciphered.length(),clen2);
+			replaceStr(ptr->tmp, mir_strndup(res, clen2));
+			free(res);
 		}
-		else ptr->tmp = (LPSTR) _strdup(unciphered.c_str());
+		else replaceStr(ptr->tmp, mir_strdup(unciphered.c_str()));
 
 		ptr->error = ERROR_NONE;
 		return ptr->tmp;
@@ -137,8 +132,7 @@ LPSTR __cdecl cpp_decrypt(pCNTX ptr, LPCSTR szEncMsg)
 #if defined(_DEBUG) || defined(NETLIB_LOG)
 		Sent_NetLog("cpp_decrypt: error seh");
 #endif
-		free(ciphered);
-		SAFE_FREE(ptr->tmp);
+		mir_free(ptr->tmp); ptr->tmp = 0;
 		return NULL;
 	}
 }
@@ -157,7 +151,7 @@ LPSTR __cdecl cpp_encodeA(HANDLE context, LPCSTR msg)
 
 	if (ptr->features & FEATURES_UTF8) {
 		// ansi message: convert to unicode->utf-8 and encrypt.
-		int slen = strlen(szOldMsg)+1;
+		int slen = (int)strlen(szOldMsg)+1;
 		LPWSTR wstring = (LPWSTR) alloca(slen*sizeof(WCHAR));
 		MultiByteToWideChar(CP_ACP, 0, szOldMsg, -1, wstring, slen*sizeof(WCHAR));
 		// encrypt
@@ -190,7 +184,7 @@ LPSTR __cdecl cpp_encodeU(HANDLE context, LPCSTR msg)
 	else {
 		// utf8 message: convert to ansi and encrypt.
 		LPWSTR wstring = utf8decode(szOldMsg);
-		int wlen = wcslen(wstring)+1;
+		int wlen = (int)wcslen(wstring)+1;
 		LPSTR astring = (LPSTR) alloca(wlen);
 		WideCharToMultiByte(CP_ACP, 0, (LPWSTR)szOldMsg, -1, astring, wlen, 0, 0);
 		szNewMsg = cpp_encrypt(ptr, astring);
@@ -216,7 +210,7 @@ LPSTR __cdecl cpp_encodeW(HANDLE context, LPWSTR msg)
 	}
 	else {
 		// unicode message: convert to ansi and encrypt.
-		int wlen = wcslen((LPWSTR)szOldMsg)+1;
+		int wlen = (int)wcslen((LPWSTR)szOldMsg)+1;
 		LPSTR astring = (LPSTR) alloca(wlen);
 		WideCharToMultiByte(CP_ACP, 0, (LPWSTR)szOldMsg, -1, astring, wlen, 0, 0);
 		szNewMsg = cpp_encrypt(ptr, astring);
@@ -241,23 +235,22 @@ LPSTR __cdecl cpp_decode(HANDLE context, LPCSTR szEncMsg)
 		if (ptr->features & FEATURES_UTF8) {
 			// utf8 message: convert to unicode -> ansii
 			LPWSTR wstring = utf8decode(szOldMsg);
-			int wlen = wcslen(wstring)+1;
-			szNewMsg = (LPSTR) malloc(wlen*(sizeof(WCHAR)+2));			// work.zy@gmail.com
+			int wlen = (int)wcslen(wstring)+1;
+			szNewMsg = (LPSTR)mir_alloc(wlen*(sizeof(WCHAR)+2));			// work.zy@gmail.com
 			WideCharToMultiByte(CP_ACP, 0, wstring, -1, szNewMsg, wlen, 0, 0);
 			memcpy(szNewMsg+strlen(szNewMsg)+1, wstring, wlen*sizeof(WCHAR));	// work.zy@gmail.com
 		}
 		else {
 			// ansi message: convert to unicode
-			int slen = strlen(szOldMsg)+1;
-			szNewMsg = (LPSTR) malloc(slen*(sizeof(WCHAR)+1));
+			int slen = (int)strlen(szOldMsg)+1;
+			szNewMsg = (LPSTR)mir_alloc(slen*(sizeof(WCHAR)+1));
 			memcpy(szNewMsg,szOldMsg,slen);
 			WCHAR* wstring = (LPWSTR) alloca(slen*sizeof(WCHAR));
 			MultiByteToWideChar(CP_ACP, 0, szOldMsg, -1, wstring, slen*sizeof(WCHAR));
 			memcpy(szNewMsg+slen,wstring,slen*sizeof(WCHAR));
 		}
 	}
-	SAFE_FREE(ptr->tmp);
-	ptr->tmp = szNewMsg;
+	replaceStr(ptr->tmp, szNewMsg);
 	return szNewMsg;
 }
 
@@ -275,18 +268,17 @@ LPSTR __cdecl cpp_decodeU(HANDLE context, LPCSTR szEncMsg)
 	if (szOldMsg) {
 		if (ptr->features & FEATURES_UTF8) {
 			// utf8 message: copy
-			szNewMsg = _strdup(szOldMsg);
+			szNewMsg = mir_strdup(szOldMsg);
 		}
 		else {
 			// ansi message: convert to utf8
-			int slen = strlen(szOldMsg)+1;
+			int slen = (int)strlen(szOldMsg)+1;
 			LPWSTR wstring = (LPWSTR) alloca(slen*sizeof(WCHAR));
 			MultiByteToWideChar(CP_ACP, 0, szOldMsg, -1, wstring, slen*sizeof(WCHAR));
-			szNewMsg = _strdup(utf8encode(wstring));
+			szNewMsg = mir_strdup(utf8encode(wstring));
 		}
 	}
-	SAFE_FREE(ptr->tmp);
-	ptr->tmp = szNewMsg;
+	replaceStr(ptr->tmp, szNewMsg);
 	return szNewMsg;
 }
 
diff --git a/plugins/CryptoPP/src/version.h b/plugins/CryptoPP/src/version.h
index 9e5fcb1583..5b2341dd2e 100644
--- a/plugins/CryptoPP/src/version.h
+++ b/plugins/CryptoPP/src/version.h
@@ -1,7 +1,7 @@
 #define __MAJOR_VERSION				1
 #define __MINOR_VERSION				0
 #define __RELEASE_NUM				4
-#define __BUILD_NUM					6
+#define __BUILD_NUM					7
 
 #define __FILEVERSION_STRING		__MAJOR_VERSION,__MINOR_VERSION,__RELEASE_NUM,__BUILD_NUM
 #define __TOSTRING(x)				#x