Security: FSS Read functions should check range before buffer.

author Kevin Day <thekevinday@gmail.com>

Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)

committer Kevin Day <thekevinday@gmail.com>

Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)
author Kevin Day <thekevinday@gmail.com>
Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)
committer Kevin Day <thekevinday@gmail.com>
Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)
diff --git a/level_1/fl_fss/c/fss_embedded_list.c b/level_1/fl_fss/c/fss_embedded_list.c

index 90906fbb77681d4da7f1419830fed06af4d1aa27..a6b7b1492d7e367c9dde2623b2b97b3e7479a39b 100644 (file)
--- a/level_1/fl_fss/c/fss_embedded_list.c
+++ b/level_1/fl_fss/c/fss_embedded_list.c
@@ -1108,10 +1108,7 @@ extern "C" {
            status = f_fss_skip_past_space(content, range);
            if (F_status_is_error(status)) break;
  
-          if (has_graph && content.string[range->start] == f_fss_embedded_list_close) {
-            // do nothing.
-          }
-          else if (content.string[range->start] == f_fss_eol || range->start >= content.used || range->start > range->stop) {
+          if (range->start >= content.used || range->start > range->stop || content.string[range->start] == f_fss_eol) {
  
              // increase by total slashes + 1 embedded list open/close.
              status = f_string_dynamic_increase_by(slash_count + 2, destination);
@@ -1171,7 +1168,7 @@ extern "C" {
          status = f_fss_skip_past_space(content, range);
          if (F_status_is_error(status)) break;
  
-        if (content.string[range->start] == f_fss_eol || range->start >= content.used || range->start > range->stop) {
+        if (range->start >= content.used || range->start > range->stop || content.string[range->start] == f_fss_eol) {
  
            if (content.string[range->start] == f_fss_eol) {
              do_prepend = F_true;
diff --git a/level_1/fl_fss/c/fss_extended_list.c b/level_1/fl_fss/c/fss_extended_list.c

index 78fc5233715b0a31e1ea4b7033ef10992fc7155e..cc7461fd76da0852b35f10239db9b6bc1d802113 100644 (file)
--- a/level_1/fl_fss/c/fss_extended_list.c
+++ b/level_1/fl_fss/c/fss_extended_list.c
@@ -291,6 +291,8 @@ extern "C" {
          continue;
        }
  
+      if (status == F_none_eos || status == F_none_stop) break;
+
        if (buffer.string[range->start] == f_fss_delimit_slash) {
          slash_first = range->start;
          slash_count = 1;
author	Kevin Day <thekevinday@gmail.com>
	Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)
committer	Kevin Day <thekevinday@gmail.com>
	Fri, 7 May 2021 00:09:32 +0000 (19:09 -0500)
level_1/fl_fss/c/fss_embedded_list.c		patch \| blob \| history
level_1/fl_fss/c/fss_extended_list.c		patch \| blob \| history