Security: Invalid read when processing an empty fakefile.

The check should be a greater than or equal to rather than a greater than.

The code really shouldn't get here anyway.
Do not continue processing if fakefile is empty.

diff --git a/level_3/fake/c/private-make-operate.c b/level_3/fake/c/private-make-operate.c
index b713c00f987c412ccff9158ebb08548326095686..483e5233d1fd19a69c821e6bb728686bb9d77d88 100644 (file)
--- a/level_3/fake/c/private-make-operate.c
+++ b/level_3/fake/c/private-make-operate.c
@@ -80,6 +80,12 @@ extern "C" {
       return status;
     }
 
+    if (!data_make.buffer.used) {
+      fake_make_data_delete(&data_make);
+
+      return F_data_not;
+    }
+
     if (data_make.setting_make.fail == fake_make_operation_fail_type_exit_e) {
       data_make.error.prefix = fl_print_error_s;
       data_make.error.suffix = f_string_empty_s;
@@ -1111,7 +1117,7 @@ extern "C" {
 
     if (F_status_is_error(*status) || *status == F_child) return data_make->data->main->child;
 
-    if (id_section > data_make->fakefile.used) {
+    if (id_section >= data_make->fakefile.used) {
       *status = F_status_set_error(F_parameter);
 
       fll_error_print(data_make->error, F_parameter, "fake_make_operate_section", F_true);

diff --git a/level_3/fake/c/private-make-operate.h b/level_3/fake/c/private-make-operate.h
index f22bb87a85f53ca528b7cfb7413f0512ce24de2d..178551426aa86df0837a97e2a1c2ba52875e8bcd 100644 (file)
--- a/level_3/fake/c/private-make-operate.h
+++ b/level_3/fake/c/private-make-operate.h
@@ -23,6 +23,7 @@ extern "C" {
  *
  * @return
  *   F_none on success.
+ *   F_data_not on success but fakefile is empty.
  *
  *   F_interrupt (with error bit) on receiving a terminate process signal, such as an interrupt signal.
  *