From 3864be02dbb91d6dc7b3ecdd5c21230f355e2219 Mon Sep 17 00:00:00 2001 From: Kevin Day Date: Tue, 8 Feb 2022 22:49:03 -0600 Subject: [PATCH] Security: Invalid read in private_f_print(). The variable "i" is incremented inside the loop without checking that i < length. This potentially results in an invalid read (such as when the string is not NULL terminated after the designated length). --- level_0/f_print/c/private-print.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/level_0/f_print/c/private-print.c b/level_0/f_print/c/private-print.c index efe7599..f171015 100644 --- a/level_0/f_print/c/private-print.c +++ b/level_0/f_print/c/private-print.c @@ -27,7 +27,7 @@ extern "C" { total = 0; } - if (!string[i]) { + if (i < length && !string[i]) { do { ++i; } while (i < length && !string[i]); -- 1.8.3.1