Kevux Git Server - fll/commit
Security: use signed integers for string lengths and array lengths by default
author     Kevin Day <thekevinday@gmail.com>
           Thu, 18 Jul 2019 01:11:17 +0000 (20:11 -0500)
committer  Kevin Day <thekevinday@gmail.com>
           Thu, 18 Jul 2019 01:11:17 +0000 (20:11 -0500)
commit     fdd73abcff7454f66738094f2cd7a2914bd32da0
tree       a632f32a891fca5e294e6ab29b483f0687cb42e8
parent     f19f497e53eaf75b04b28d672070fbeaad83f945
Security: use signed integers for string lengths and array lengths by default

Standard functions, such as strnlen(), appear to operate on signed integers instead of unsigned.
Not being able to handle unsigned integers provides unknown behavior that could lead to potential security vulnerabilities.
Future versions of this project will likely need to abandon these methods for more flexible alternatives.

Example problem:
  sources/c/console.c:36:23: warning: 'strnlen' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
     36 |       string_length = strnlen(argv[location], f_console_max_size);

That is 2^63 instead of the expected 2^64.

The array lengths were converted to signed as well.
level_0/f_strings/c/strings.h
level_0/f_types/c/types.h
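The bound problem the commit message describes, as an added example that is not code from the fll project: an unsigned bound lets a caller's -1 silently become the 18446744073709551615 value from the warning, while a signed bound can reject it and cap what reaches strnlen() at PTRDIFF_MAX (the "maximum object size" gcc reports). The type and function names here are assumptions, not the project's own identifiers.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* strnlen() is POSIX.1-2008; declare it explicitly so the example builds
 * regardless of which feature-test macros the compiler enables by default. */
extern size_t strnlen(const char *s, size_t maxlen);

/* Assumed names, not the fll project's own: a signed length type and its
 * ceiling, capped at PTRDIFF_MAX, the "maximum object size" in the warning. */
typedef int64_t string_length_t;
#define STRING_LENGTH_MAX ((string_length_t) PTRDIFF_MAX)

/* Before: an unsigned bound. A caller's -1 (meant as "no limit") converts
 * to SIZE_MAX, the 18446744073709551615 bound the compiler warned about,
 * and nothing in the signature can detect that. */
size_t length_unsigned(const char *s, size_t max) {
  return strnlen(s, max);
}

/* After: a signed bound. A negative bound is an error rather than a huge
 * value, and the bound handed to strnlen() never exceeds PTRDIFF_MAX, so
 * the call stays inside what a single object can ever span. */
string_length_t length_signed(const char *s, string_length_t max) {
  if (s == NULL || max < 0) return -1;
  if (max > STRING_LENGTH_MAX) max = STRING_LENGTH_MAX;
  return (string_length_t) strnlen(s, (size_t) max);
}

/* Demonstrates the conversion the unsigned signature permits: a careless
 * "-1 means unlimited" becomes 2^64 - 1 on an LP64 platform. */
size_t bound_from_minus_one(void) {
  int requested = -1;
  return (size_t) requested;  /* == SIZE_MAX */
}
```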