Security: Console parameter single short values array is too small.
authorKevin Day <Kevin@kevux.org>
Fri, 14 Jun 2024 02:53:39 +0000 (21:53 -0500)
committerKevin Day <Kevin@kevux.org>
Fri, 14 Jun 2024 02:56:30 +0000 (21:56 -0500)
For short parameters, the size of the "needs" array is now increased before values are assigned to it.

The following command line calls are used to expose the problem and its resolution:
  # fss_basic_list_read specifications/fss.txt +Q -cn "Featureless Settings Specifications" | iki_read +Q -w -rrrrrrrr anti-KISS 'anti-<abbr title="Keep It Simple Stupid">KISS</abbr>' ASCII '<abbr title="American Standard Code for Information Interchange">ASCII</abbr>' BOM '<abbr title="Byte Order Mark">BOM</abbr>' FSS '<abbr title="Featureless Settings Specifications">FSS</abbr>' KISS '<abbr title="Keep It Simple Stupid">KISS</abbr>' UTF-8 '<abbr title="Unicode Transformation Format 8-bit">UTF-8</abbr>' URL '<abbr title="Byte Order Mark">URL</abbr>' XML '<abbr title="Extensible Markup Language">XML</abbr>' -WWW character '<code class="code">' "</code>" code '<code class="code">' '</code>' italic '<em class="em">' '</em>'

level_0/f_console/c/console.c

index 52127736383443d2e1de3c41e5e78b2fad4a0a0d..2c2592c723c495d7ca75690d05a2fcdfb4aa52a9 100644 (file)
@@ -305,6 +305,9 @@ extern "C" {
               parameters->array[i].location_sub = location_sub;
               parameters->array[i].locations_sub.array[parameters->array[i].locations_sub.used++] = location_sub;
 
+              status = f_array_lengths_increase_by(parameters->array[i].values_total, &needs);
+              if (F_status_is_error(status)) break;
+
               for (j = 0; j < parameters->array[i].values_total; ++j) {
                 needs.array[needs.used++] = i;
               } // for
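Review bot: The added `break` on a failed `f_array_lengths_increase_by()` only exits the innermost enclosing loop, and that loop starts and ends outside this hunk, so it is worth confirming that `status` is tested again after it; otherwise argument processing could carry on with `needs` still too small for the writes at `needs.array[needs.used++] = i`. The `locations_sub.array[...used++]` store two lines above the new check follows the same append pattern and its matching resize is not visible in this hunk, so it deserves the same look. I would also add a comment above the new call, such as `// Reserve values_total slots in needs before the loop below appends to it.`, so the bounds dependency between the call and the loop is not lost in a later refactor.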