Kevux Git Server - fll/commit

]> Kevux Git Server - fll/commit

author	Kevin Day <thekevinday@gmail.com>
	Sun, 5 Sep 2021 21:55:46 +0000 (16:55 -0500)
committer	Kevin Day <thekevinday@gmail.com>
	Sun, 5 Sep 2021 21:55:46 +0000 (16:55 -0500)
commit	dea292bf590a7ef851a5c97a1be8ae6d7ba6ed4b
tree	55db4ad7e3b2410ba37cfa868987069b270191a5	tree \| snapshot
parent	d9d246e25eccbdd3020a0023805d7d3772371ca2	commit \| diff

Security: Static/Dynamic string compare functions aren't properly handling empty strings or empty ranges.

When the static/dynamic string has used = 0 or the range.start > range.stop, then the string (or range) is empty.
The private function isn't aware of this and simply attempts to access the invalid ranges.
This will result in an invalid read.

Add the missing used and range checks.

level_1/fl_string/c/string.c

diff | blob | history

The Featureless Linux Library (FLL) Git repository.

RSS Atom