]> Kevux Git Server - fll/commit
projects / fll / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad66216) | patch
Security: Invalid reads, always add NULL for compatibility.
authorKevin Day <thekevinday@gmail.com>
Sat, 19 Feb 2022 02:10:16 +0000 (20:10 -0600)
committerKevin Day <thekevinday@gmail.com>
Sat, 19 Feb 2022 02:10:16 +0000 (20:10 -0600)
commit11ac81ccd7fd85fc54c8d6115d705a00a9c266c5
tree6a3becc426a3c3d98b2cd18b6bf4bb899c961616tree | snapshot
parentad662162c06edc7a50952e91aeb72de651c901a7commit | diff
Security: Invalid reads, always add NULL for compatibility.

After switching from f_string_t to f_string_static_t, the NULL terminated string problem has become apparent.
If at any point in time these strings are passed to a standard function that expects NULL terminated strings, then an invalid read (or write) can occur.

Manually appending a NULL termination every time its needed has made the code messier than I would like.
This commit changes the behavior to instead always append a NULL termination after the string.used when appending strings.
I accept the additional resource cost of 1-byte per string to guarantee this.

This should make the program more easily more secure by catering to the NULL terminated string code out there.
This project still doesn't need the or care about NULL termination for most (but not all) of its functions.
41 files changed:
level_0/f_string/c/private-string.c diff | blob | history
level_1/fl_environment/c/environment.c diff | blob | history
level_1/fl_environment/c/environment.h diff | blob | history
level_2/fll_execute/c/execute.c diff | blob | history
level_2/fll_execute/c/execute.h diff | blob | history
level_2/fll_execute/c/private-execute.c diff | blob | history
level_2/fll_execute/c/private-execute.h diff | blob | history
level_2/fll_fss/c/fss.c diff | blob | history
level_2/fll_path/c/path.c diff | blob | history
level_2/fll_path/c/path.h diff | blob | history
level_3/control/c/private-control.c diff | blob | history
level_3/control/c/private-control.h diff | blob | history
level_3/controller/c/common/private-common.c diff | blob | history
level_3/controller/c/common/private-common.h diff | blob | history
level_3/controller/c/controller.c diff | blob | history
level_3/controller/c/controller/private-controller.c diff | blob | history
level_3/controller/c/controller/private-controller.h diff | blob | history
level_3/controller/c/entry/private-entry.c diff | blob | history
level_3/controller/c/entry/private-entry.h diff | blob | history
level_3/controller/c/entry/private-entry_print.c diff | blob | history
level_3/controller/c/process/private-process.c diff | blob | history
level_3/controller/c/process/private-process.h diff | blob | history
level_3/controller/c/rule/private-rule.c diff | blob | history
level_3/controller/c/rule/private-rule.h diff | blob | history
level_3/fake/c/private-build-library.c diff | blob | history
level_3/fake/c/private-build-load.c diff | blob | history
level_3/fake/c/private-build-load.h diff | blob | history
level_3/fake/c/private-build-objects.c diff | blob | history
level_3/fake/c/private-build.c diff | blob | history
level_3/fake/c/private-fake-path_generate.c diff | blob | history
level_3/fake/c/private-fake.c diff | blob | history
level_3/fake/c/private-make-load_fakefile.c diff | blob | history
level_3/fake/c/private-make-load_fakefile.h diff | blob | history
level_3/fake/c/private-make-operate.c diff | blob | history
level_3/fake/c/private-make-operate.h diff | blob | history
level_3/fake/c/private-make-operate_process.c diff | blob | history
level_3/fake/c/private-make-operate_process.h diff | blob | history
level_3/fake/c/private-make-operate_process_type.c diff | blob | history
level_3/fake/c/private-make-operate_process_type.h diff | blob | history
level_3/firewall/c/firewall.c diff | blob | history
level_3/firewall/c/private-firewall.c diff | blob | history
The Featureless Linux Library (FLL) Git repository.