Security: fake_build_arguments_standard_add() is treating static path the same as...

The size calculation is only using the shared size.
Then a static string of a potentially different size is being used.

diff --git a/level_3/fake/c/private-build.c b/level_3/fake/c/private-build.c
index ff4a0f383d77778680068c38c300a8dab99113fa..d09d700b2dcc8d70b09057bbff8474e2accd6df8 100644 (file)
--- a/level_3/fake/c/private-build.c
+++ b/level_3/fake/c/private-build.c
@@ -29,7 +29,7 @@ const f_string_static_t fake_build_documentation_files_s = macro_f_string_static
     if (F_status_is_error(*status)) return;
 
     {
-      f_array_length_t build_libraries_length = fake_build_parameter_library_link_path_s.used + data->path_build_libraries_shared.used;
+      f_array_length_t build_libraries_length = fake_build_parameter_library_link_path_s.used + (is_shared ? data->path_build_libraries_shared.used : data->path_build_libraries_static.used);
 
       f_char_t build_libraries[build_libraries_length + 1];
       build_libraries[build_libraries_length] = 0;