From: Kevin Day <thekevinday@gmail.com>
Date: Wed, 9 Feb 2022 04:49:03 +0000 (-0600)
Subject: Security: Invalid read in private_f_print().
X-Git-Tag: 0.5.8~68
X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=3864be02dbb91d6dc7b3ecdd5c21230f355e2219;p=fll

Security: Invalid read in private_f_print().

The variable "i" is incremented inside the loop without checking that i < length.
This potentially results in an invalid read (such as when the string is not NULL terminated after the designated length).
---

diff --git a/level_0/f_print/c/private-print.c b/level_0/f_print/c/private-print.c
index efe7599..f171015 100644
--- a/level_0/f_print/c/private-print.c
+++ b/level_0/f_print/c/private-print.c
@@ -27,7 +27,7 @@ extern "C" {
         total = 0;
       }
 
-      if (!string[i]) {
+      if (i < length && !string[i]) {
         do {
           ++i;
         } while (i < length && !string[i]);