From: Kevin Day Date: Fri, 14 Jun 2024 02:52:11 +0000 (-0500) Subject: Security: Console parameter single short values array is too small. X-Git-Tag: 0.7.0~153 X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=3184d0008b5522ac26d29a4cf6f3cf9534ccb1e2;p=fll Security: Console parameter single short values array is too small. The short parameters "needs" variable now increases the array size before assignment. The following command line calls are used to expose the problem and its resolution: # fss_basic_list_read specifications/fss.txt +Q -cn "Featureless Settings Specifications" | iki_read +Q -w -rrrrrrrr anti-KISS 'anti-KISS' ASCII 'ASCII' BOM 'BOM' FSS 'FSS' KISS 'KISS' UTF-8 'UTF-8' URL 'URL' XML 'XML' -WWW character '' "" code '' '' italic '' '' --- diff --git a/level_0/f_console/c/console.c b/level_0/f_console/c/console.c index c8a1cdb..960fbcf 100644 --- a/level_0/f_console/c/console.c +++ b/level_0/f_console/c/console.c @@ -438,6 +438,9 @@ extern "C" { parameters->array[i].location_sub = process.location_sub; parameters->array[i].locations_sub.array[parameters->array[i].locations_sub.used++] = process.location_sub; + state->status = f_memory_array_increase_by(parameters->array[i].values_total, sizeof(f_number_unsigned_t), (void **) &process.needs.array, &process.needs.used, &process.needs.size); + if (F_status_is_error(state->status)) break; + for (j = 0; j < parameters->array[i].values_total; ++j) { process.needs.array[process.needs.used++] = i; } // for