Security: Add extra check range checks in Featureless Make build skeleton.

author Kevin Day <kevin@kevux.org>

Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)

committer Kevin Day <kevin@kevux.org>

Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)
author Kevin Day <kevin@kevux.org>
Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)
committer Kevin Day <kevin@kevux.org>
Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)
diff --git a/level_3/fake/c/private-build-skeleton.c b/level_3/fake/c/private-build-skeleton.c

index e3b60ca9ac01929b49de77c215d71cb6efdd5d28..8e15020207aa40a9a8b26a797a9f531d864f1db1 100644 (file)
--- a/level_3/fake/c/private-build-skeleton.c
+++ b/level_3/fake/c/private-build-skeleton.c
@@ -56,6 +56,7 @@ extern "C" {
      }
  
      bool created = F_false;
+    f_array_length_t j = 0;
  
      for (uint8_t i = 0; i < 19; ++i) {
  
@@ -63,9 +64,9 @@ extern "C" {
  
        created = F_false;
  
-      for (f_array_length_t j = 0; j < directorys[i]->used; ++j) {
+      for (j = 0; j < directorys[i]->used; ++j) {
  
-        if (directorys[i]->string[j] != f_path_separator_s.string[0]) continue;
+        if (f_path_separator_s.used && directorys[i]->string[j] != f_path_separator_s.string[0]) continue;
  
          directorys[i]->string[j] = 0;
  
@@ -88,7 +89,7 @@ extern "C" {
          if (F_status_is_error(*status)) break;
        } // for
  
-      if (F_status_is_fine(*status) && directorys[i]->string[directorys[i]->used - 1] != f_path_separator_s.string[0]) {
+      if (F_status_is_fine(*status) && directorys[i]->used && f_path_separator_s.used && directorys[i]->string[directorys[i]->used - 1] != f_path_separator_s.string[0]) {
          *status = f_directory_exists(*directorys[i]);
  
          if (F_status_is_error_not(*status)) {
author	Kevin Day <kevin@kevux.org>
	Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)
committer	Kevin Day <kevin@kevux.org>
	Sun, 29 Jan 2023 22:43:14 +0000 (16:43 -0600)