From: Kevin Day Date: Fri, 30 Aug 2019 01:48:25 +0000 (-0500) Subject: Security: safely print f_dynamic_string X-Git-Tag: 0.5.0~467 X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=493cad998243d5dc1a1d08956a14a4c666d476a7;p=fll Security: safely print f_dynamic_string The f_dynamic_string is not NULL terminated and should never be directly passed to a function that assumes strings are NULL terminated.
---
diff --git a/level_1/fl_colors/c/colors.c b/level_1/fl_colors/c/colors.c
index 5cb9363..6b3860c 100644
--- a/level_1/fl_colors/c/colors.c
+++ b/level_1/fl_colors/c/colors.c
@@ -120,9 +120,10 @@ extern "C" {
 if (string == 0) return f_status_set_error(f_invalid_parameter);
 #endif // _di_level_1_parameter_checking_
- // @fixme: the string here does not have to be NULL terminated, so this usage is invalid/unsafe!
 if (start_color.used != 0) {
- fprintf(file, "%s", start_color.string);
+ f_status status = f_print_dynamic_string(file, start_color);
+
+ if (f_status_is_error(status)) return status;
 }
 va_list ap;
@@ -133,9 +134,10 @@ extern "C" {
 va_end(ap);
- // @fixme: the string here does not have to be NULL terminated, so this usage is invalid/unsafe!
 if (end_color.used != 0) {
- fprintf(file, "%s", end_color.string);
+ f_status status = f_print_dynamic_string(file, end_color);
+
+ if (f_status_is_error(status)) return status;
 }
 return f_none;
@@ -149,9 +151,10 @@ extern "C" {
 if (string == 0) return f_status_set_error(f_invalid_parameter);
 #endif // _di_level_1_parameter_checking_
- // @fixme: the string here does not have to be NULL terminated, so this usage is invalid/unsafe!
 if (start_color.used != 0) {
- fprintf(file, "%s", start_color.string);
+ f_status status = f_print_dynamic_string(file, start_color);
+
+ if (f_status_is_error(status)) return status;
 }
 va_list ap;
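Review bot: In the `@@ -133,9 +134,10 @@` hunk (end of fl_color_print, and again at `@@ -162,9 +165,10 @@` in fl_color_print_line) the early `return status;` fires after the start color has already been written, so a failed end_color write leaves the stream in the colored state. In fl_color_print_line it also skips the trailing newline that the context comment says is printed after ending the colors. Callers cannot learn this from the header, so I would document it on both functions, e.g. `* On error the output may be partial and the color may not have been reset; the caller should reset it.` Both function bodies start outside these hunks, so whether the formatted write between `va_list ap;` and `va_end(ap);` is checked in the same way cannot be confirmed from here.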
@@ -162,9 +165,10 @@ extern "C" {
 va_end(ap);
- // @fixme: the string here does not have to be NULL terminated, so this usage is invalid/unsafe!
 if (end_color.used != 0) {
- fprintf(file, "%s", end_color.string);
+ f_status status = f_print_dynamic_string(file, end_color);
+
+ if (f_status_is_error(status)) return status;
 }
 // now print the trailing newline, this is done _after_ ending the colors to avoid color wrapping issues that can happen when a color code follows a newline
@@ -176,9 +180,10 @@ extern "C" {
 #ifndef _di_fl_color_print_code_
 f_return_status fl_color_print_code(FILE *file, const f_dynamic_string color) {
- // @fixme: the string here does not have to be NULL terminated, so this usage is invalid/unsafe!
 if (color.used != 0) {
- fprintf(file, "%s", color.string);
+ f_status status = f_print_dynamic_string(file, color);
+
+ if (f_status_is_error(status)) return status;
 }
 return f_none;
diff --git a/level_1/fl_colors/c/colors.h b/level_1/fl_colors/c/colors.h
index 85b0b63..f041504 100644
--- a/level_1/fl_colors/c/colors.h
+++ b/level_1/fl_colors/c/colors.h
@@ -21,6 +21,7 @@
 #include
 #include
 #include
+#include
 #ifdef __cplusplus
 extern "C" {
@@ -167,6 +168,7 @@ extern "C" {
 * @return
 * f_none on success.
 * f_invalid_parameter (with error bit) if a parameter is invalid.
+ * f_output_error (with error bit) on output error.
 */
 #ifndef _di_fl_color_print_
 extern f_return_status fl_color_print(FILE *file, const f_dynamic_string start_color, const f_dynamic_string end_color, const char *string, ...);
@@ -193,6 +195,7 @@ extern "C" {
 * @return
 * f_none on success.
 * f_invalid_parameter (with error bit) if a parameter is invalid.
+ * f_output_error (with error bit) on output error.
 */
 #ifndef _di_fl_color_print_line_
 extern f_return_status fl_color_print_line(FILE *file, const f_dynamic_string start_color, const f_dynamic_string end_color, const char *string, ...);
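Review bot: fl_color_print_code (hunk `@@ -176,9 +180,10 @@`) passes `file` to f_print_dynamic_string with no check of its own, although its header comment lists f_invalid_parameter as a return value. fl_color_print tests `string == 0` under `_di_level_1_parameter_checking_`, but here no parameter check is visible between the signature and `return f_none;`. Unless f_print_dynamic_string validates the stream itself (not visible in this diff), I would add a guard before the `if (color.used != 0)` test: `#ifndef _di_level_1_parameter_checking_`, `if (file == 0) return f_status_set_error(f_invalid_parameter);`, `#endif // _di_level_1_parameter_checking_`. The function's closing brace is outside the hunk.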
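Review bot: The new `f_output_error` line in colors.h (hunk `@@ -167,6 +168,7 @@`, repeated at `@@ -193,6 +195,7 @@` and `@@ -211,6 +214,7 @@`) promises one specific code, but colors.c returns whatever error status f_print_dynamic_string produces, unchanged. If that helper can fail in other ways (its implementation is not part of this diff), the documented list is incomplete. Wording such as `* Errors from f_print_dynamic_string() are returned unchanged, e.g. f_output_error (with error bit).` keeps the header accurate without enumerating them.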
@@ -211,6 +214,7 @@ extern "C" {
 * @return
 * f_none on success.
 * f_invalid_parameter (with error bit) if a parameter is invalid.
+ * f_output_error (with error bit) on output error.
 */
 #ifndef _di_fl_color_print_code_
 extern f_return_status fl_color_print_code(FILE *file, const f_dynamic_string color);
diff --git a/level_1/fl_colors/data/build/dependencies b/level_1/fl_colors/data/build/dependencies
index 13e3376..b24ed89 100644
--- a/level_1/fl_colors/data/build/dependencies
+++ b/level_1/fl_colors/data/build/dependencies
@@ -4,3 +4,4 @@ f_strings
 f_colors
 f_file
 f_memory
+f_print
diff --git a/level_1/fl_colors/data/build/settings b/level_1/fl_colors/data/build/settings
index 796108d..1823c52 100644
--- a/level_1/fl_colors/data/build/settings
+++ b/level_1/fl_colors/data/build/settings
@@ -10,9 +10,9 @@ version_micro 0
 build_compiler gcc
 build_linker ar
 build_libraries -lc
-build_libraries_fll -lf_memory -lf_file
+build_libraries_fll -lf_memory -lf_file -lf_print
 build_sources_library colors.c
-build_sources_program
+build_sources_program
 build_sources_headers colors.h
 build_sources_bash
 build_sources_settings