Security: safely print f_dynamic_string

The f_dynamic_string is not NULL terminated and should never be directly passed to a function that assumes strings are NULL terminated.

diff --git a/level_1/fl_colors/c/colors.c b/level_1/fl_colors/c/colors.c
index 64e7524d59da9169fa1ea1b0553365df2ed79c2b..1fef707c88f9d0797fb6d52152e2e6dd9ed89164 100644 (file)
--- a/level_1/fl_colors/c/colors.c
+++ b/level_1/fl_colors/c/colors.c
@@ -123,7 +123,9 @@ extern "C"{
     #endif // _di_level_1_parameter_checking_
 
     if (start_color.used != 0) {
-      fprintf(file, "%s", start_color.string);
+      f_status status = f_print_dynamic_string(file, start_color);
+
+      if (f_error_is_error(status)) return status;
     }
 
     va_list ap;
@@ -135,7 +137,9 @@ extern "C"{
     va_end(ap);
 
     if (end_color.used != 0) {
-      fprintf(file, "%s", end_color.string);
+      f_status status = f_print_dynamic_string(file, end_color);
+
+      if (f_error_is_error(status)) return status;
     }
 
     return f_none;
@@ -150,7 +154,9 @@ extern "C"{
     #endif // _di_level_1_parameter_checking_
 
     if (start_color.used != 0) {
-      fprintf(file, "%s", start_color.string);
+      f_status status = f_print_dynamic_string(file, start_color);
+
+      if (f_error_is_error(status)) return status;
     }
 
     va_list ap;
@@ -162,7 +168,9 @@ extern "C"{
     va_end(ap);
 
     if (end_color.used != 0) {
-      fprintf(file, "%s", end_color.string);
+      f_status status = f_print_dynamic_string(file, end_color);
+
+      if (f_error_is_error(status)) return status;
     }
 
     // now print the trailing newline, this is done _after_ ending the colors to avoid color wrapping issues that can happen when a color code follows a newline
@@ -175,7 +183,9 @@ extern "C"{
 #ifndef _di_fl_print_color_code_
   f_return_status fl_print_color_code(f_file_type file, const f_dynamic_string color) {
     if (color.used != 0) {
-      fprintf(file, "%s", color.string);
+      f_status status = f_print_dynamic_string(file, color);
+
+      if (f_error_is_error(status)) return status;
     }
 
     return f_none;

diff --git a/level_1/fl_colors/c/colors.h b/level_1/fl_colors/c/colors.h
index bcd36358cf1424e246d2ce6548d021bdcb9f5355..bdf0754da7b6b0e1a9567781e1daddd0dd4fffa7 100644 (file)
--- a/level_1/fl_colors/c/colors.h
+++ b/level_1/fl_colors/c/colors.h
@@ -21,6 +21,7 @@
 #include <level_0/strings.h>
 #include <level_0/file.h>
 #include <level_0/colors.h>
+#include <level_0/print.h>
 
 #ifdef __cplusplus
 extern "C"{

diff --git a/level_1/fl_colors/data/build/dependencies b/level_1/fl_colors/data/build/dependencies
index 13e33761fbfbc73371077ade1440146aa873a9cd..b24ed89bb2f733a8fa0a65201ff90f42c5ec2e02 100644 (file)
--- a/level_1/fl_colors/data/build/dependencies
+++ b/level_1/fl_colors/data/build/dependencies
@@ -4,3 +4,4 @@ f_strings
 f_colors
 f_file
 f_memory
+f_print

diff --git a/level_1/fl_colors/data/build/settings b/level_1/fl_colors/data/build/settings
index e236478be68a027c9c49b0e72d3c44af463d2d7b..93cf481224ab289289a86be898e08624b77e4d9f 100644 (file)
--- a/level_1/fl_colors/data/build/settings
+++ b/level_1/fl_colors/data/build/settings
@@ -10,7 +10,7 @@ version_micro 3
 build_compiler gcc
 build_linker ar
 build_libraries -lc
-build_libraries_fll -lf_memory -lf_file
+build_libraries_fll -lf_memory -lf_file -lf_print
 build_sources_library colors.c
 build_sources_program
 build_sources_headers colors.h