From 506c0a6f9e870e5c07ceae005a5d796b776fff95 Mon Sep 17 00:00:00 2001 From: Kevin Day Date: Thu, 19 May 2022 23:07:28 -0500 Subject: [PATCH] Security: Add missing NULL at the end of string. I was seeing "-Wno-missing-bracess" and "-Wno-logical-op-parenthese". This looks exactly like invalid sizes. I could not find the code that misplaces the NULL but in the process I found a different place where a NULL is in fact missing. This adds the missing NULL. I guess if one looks hard enough, then they will find what they are looking for. It turns out that my original problem is actually two typos in a configuration file. --- level_3/fake/c/private-build.c | 4 ++-- level_3/fss_embedded_list_read/data/build/settings | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/level_3/fake/c/private-build.c b/level_3/fake/c/private-build.c index 422003f..a4887f2 100644 --- a/level_3/fake/c/private-build.c +++ b/level_3/fake/c/private-build.c @@ -32,6 +32,7 @@ extern "C" { f_array_length_t build_libraries_length = fake_build_parameter_library_link_path_s.used + data->path_build_libraries_shared.used; f_char_t build_libraries[build_libraries_length + 1]; + build_libraries[build_libraries_length] = 0; memcpy(build_libraries, fake_build_parameter_library_link_path_s.string, sizeof(f_char_t) * fake_build_parameter_library_link_path_s.used); @@ -42,11 +43,10 @@ extern "C" { memcpy(build_libraries + fake_build_parameter_library_link_path_s.used, data->path_build_libraries_static.string, sizeof(f_char_t) * data->path_build_libraries_static.used); } - build_libraries[build_libraries_length] = 0; - f_array_length_t build_includes_length = fake_build_parameter_library_include_s.used + data->path_build_includes.used; f_char_t build_includes[build_includes_length + 1]; + build_includes[build_includes_length] = 0; memcpy(build_includes, fake_build_parameter_library_include_s.string, sizeof(f_char_t) * fake_build_parameter_library_include_s.used); memcpy(build_includes + fake_build_parameter_library_include_s.used, data->path_build_includes.string, sizeof(f_char_t) * data->path_build_includes.used); diff --git a/level_3/fss_embedded_list_read/data/build/settings b/level_3/fss_embedded_list_read/data/build/settings index 326b6ed..3b2f4b6 100644 --- a/level_3/fss_embedded_list_read/data/build/settings +++ b/level_3/fss_embedded_list_read/data/build/settings @@ -44,8 +44,8 @@ search_static yes #defines -D_di_libcap_ -D_di_thread_support_ defines -D_libcap_legacy_only_ -D_pthread_attr_unsupported_ -D_pthread_sigqueue_unsupported_ -flags -O2 -z now -g -fdiagnostics-color=always -Wno-logical-not-parentheses -Wno-parentheses -Wno-missing-bracess -flags-clang -Wno-logical-op-parenthese +flags -O2 -z now -g -fdiagnostics-color=always -Wno-logical-not-parentheses -Wno-parentheses -Wno-missing-braces +flags-clang -Wno-logical-op-parentheses flags-test -fstack-protector flags_library -fPIC -- 1.8.3.1