From: Kevin Day <thekevinday@gmail.com>
Date: Sat, 26 Feb 2022 17:20:01 +0000 (-0600)
Subject: Security: Invalid va_arg() call resulting in overflow.
X-Git-Tag: 0.5.8~4
X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=9706a6d35e8453bf6d91b5a9c1955e4d27e3d5ce;p=fll

Security: Invalid va_arg() call resulting in overflow.

This overflow doesn't seem to cause crashes, which is even scarier as has gotten away with unnoticed.

The else condition inside of the formatted print functions are accidentally declaring va_arg() when it shouldn't.
The except_at and except_in are also being unnecessarily declared.
---

diff --git a/level_1/fl_print/c/private-print.c b/level_1/fl_print/c/private-print.c
index e98cc4e..373145f 100644
--- a/level_1/fl_print/c/private-print.c
+++ b/level_1/fl_print/c/private-print.c
@@ -370,9 +370,6 @@ extern "C" {
                   }
                 }
                 else {
-                  const f_array_lengths_t except_at = f_array_lengths_t_initialize;
-                  const f_string_ranges_t except_in = f_string_ranges_t_initialize;
-
                   if (partial.start > partial.stop) {
                     *status = F_data_not;
 
@@ -768,9 +765,6 @@ extern "C" {
                   }
                 }
                 else {
-                  const f_array_lengths_t except_at = f_array_lengths_t_initialize;
-                  const f_string_ranges_t except_in = va_arg(apl, f_string_ranges_t);
-
                   if (partial.start > partial.stop) {
                     *status = F_data_not;