From 1f6925c208d70c0bca0b6c3588d032addc79a5c4 Mon Sep 17 00:00:00 2001
From: Kevin Day <kevin@kevux.org>
Date: Wed, 8 May 2024 20:50:50 -0500
Subject: [PATCH] Security: Potential buffer overflow on 0 length array.

The length_name_item variable can potentially be zero.
The assignment of "name_item[length_name_item] = 0;" will then result in an assignment on a 0 length array.

This issue has been exposed via GCC's -fanalyzer.
---
 level_3/controller/c/rule/private-rule.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/level_3/controller/c/rule/private-rule.c b/level_3/controller/c/rule/private-rule.c
index a0c2428..94829cd 100644
--- a/level_3/controller/c/rule/private-rule.c
+++ b/level_3/controller/c/rule/private-rule.c
@@ -3971,7 +3971,7 @@ extern "C" {
     const f_array_length_t line_item = cache->action.line_item;
     const f_array_length_t length_name_item = cache->action.name_item.used;
 
-    f_char_t name_item[length_name_item];
+    f_char_t name_item[length_name_item + 1];
     name_item[length_name_item] = 0;
 
     memcpy(name_item, cache->action.name_item.string, sizeof(f_char_t) * length_name_item);
-- 
1.8.3.1