From: Kevin Day Date: Tue, 8 Aug 2023 01:19:00 +0000 (-0500) Subject: Security: Add additional checks against the parameters in fll_execute_program(). X-Git-Tag: 0.6.7~12 X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=1b43ceefc20836137ed95e19d275dda44d8a678d;p=fll Security: Add additional checks against the parameters in fll_execute_program(). --- diff --git a/level_2/fll_execute/c/execute.c b/level_2/fll_execute/c/execute.c index 36050ee..b202acb 100644 --- a/level_2/fll_execute/c/execute.c +++ b/level_2/fll_execute/c/execute.c @@ -278,13 +278,25 @@ extern "C" { f_string_t fixed_arguments[arguments.used + 2]; f_string_static_t program_name = f_string_static_t_initialize; - const f_string_t last_slash = (f_string_t) strrchr((program.used ? program.string : arguments.array[0].string), (char) f_path_separator_s.string[0]); + const f_string_t last_slash = (f_string_t) strrchr( + (program.used + ? program.string + : arguments.used && arguments.array[0].used + ? arguments.array[0].string + : 0 + ), + (char) f_path_separator_s.string[0] + ); if (last_slash) { program_name.used = strnlen((last_slash + 1), F_path_length_max_d); } else { - program_name.used = program.used ? program.used : arguments.array[0].used; + program_name.used = program.used + ? program.used + : arguments.used && arguments.array[0].used + ? arguments.array[0].used + : 0; } f_char_t program_name_string[program_name.used + 1];