From: Kevin Day <kevin@kevux.org>
Date: Sun, 29 Jan 2023 22:43:14 +0000 (-0600)
Subject: Security: Add extra check range checks in Featureless Make build skeleton.
X-Git-Tag: 0.6.4~66
X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=2b56681a4f7741eb82a66f10399295346582b84a;p=fll

Security: Add extra check range checks in Featureless Make build skeleton.

The used - 1 could be a problem if used is 0.
---

diff --git a/level_3/fake/c/private-build-skeleton.c b/level_3/fake/c/private-build-skeleton.c
index e3b60ca..8e15020 100644
--- a/level_3/fake/c/private-build-skeleton.c
+++ b/level_3/fake/c/private-build-skeleton.c
@@ -56,6 +56,7 @@ extern "C" {
     }
 
     bool created = F_false;
+    f_array_length_t j = 0;
 
     for (uint8_t i = 0; i < 19; ++i) {
 
@@ -63,9 +64,9 @@ extern "C" {
 
       created = F_false;
 
-      for (f_array_length_t j = 0; j < directorys[i]->used; ++j) {
+      for (j = 0; j < directorys[i]->used; ++j) {
 
-        if (directorys[i]->string[j] != f_path_separator_s.string[0]) continue;
+        if (f_path_separator_s.used && directorys[i]->string[j] != f_path_separator_s.string[0]) continue;
 
         directorys[i]->string[j] = 0;
 
@@ -88,7 +89,7 @@ extern "C" {
         if (F_status_is_error(*status)) break;
       } // for
 
-      if (F_status_is_fine(*status) && directorys[i]->string[directorys[i]->used - 1] != f_path_separator_s.string[0]) {
+      if (F_status_is_fine(*status) && directorys[i]->used && f_path_separator_s.used && directorys[i]->string[directorys[i]->used - 1] != f_path_separator_s.string[0]) {
         *status = f_directory_exists(*directorys[i]);
 
         if (F_status_is_error_not(*status)) {