From 634e4402b887d5abc8b6928909dafbf1dab4c42a Mon Sep 17 00:00:00 2001
From: Kevin Day
Date: Sat, 18 Dec 2021 23:49:40 -0600
Subject: [PATCH] Security: Segfault when "load_build yes" and "build settings".
When the fakefile settings is setup to have "load_build yes" and the fakefile operations has a build operation like "build settings" a segfault occurs. This appears to be the result of casting the main path_sources to a constant pointer type from a reference. Perform some minor cleanups.
---
 level_3/fake/c/private-build-load.c | 8 +++++---
 level_3/fake/c/private-build.c | 16 ++++++++--------
 level_3/fake/c/private-common.h | 2 +-
 3 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/level_3/fake/c/private-build-load.c b/level_3/fake/c/private-build-load.c
index be8c731..2e706fa 100644
--- a/level_3/fake/c/private-build-load.c
+++ b/level_3/fake/c/private-build-load.c
@@ -522,18 +522,18 @@ extern "C" {
 if (*status == F_none) {
 const int total_build_libraries = setting->build_libraries.used;
+ const f_string_dynamics_t *modes = &setting->modes_default;
 f_string_dynamic_t settings_mode_name_dynamic[fake_build_setting_total_d];
 f_string_t settings_mode_names[fake_build_setting_total_d];
 f_array_length_t setting_mode_lengths[fake_build_setting_total_d];
- const f_string_dynamics_t *modes = &setting->modes_default;
 bool found = F_false;
 f_array_length_t i = 0;
 f_array_length_t j = 0;
- // if any mode is specified, the entire defaults is replaced.
+ // If any mode is specified, the entire defaults is replaced.
 if (main->mode.used) {
 modes = &main->mode;
 }
@@ -546,6 +546,7 @@ extern "C" {
 if (fl_string_dynamic_compare_trim(modes->array[i], setting->modes.array[j]) == F_equal_to) {
 found = F_true;
+ break;
 }
 } // for
@@ -565,6 +566,7 @@ extern "C" {
 error_printed = F_true;
 *status = F_status_set_error(F_parameter);
+ break;
 }
@@ -576,7 +578,7 @@ extern "C" {
 setting_mode_lengths[j] = settings_length[j] + 1 + modes->array[i].used;
- macro_f_string_dynamic_t_resize(*status, settings_mode_name_dynamic[j], setting_mode_lengths[j]);
+ *status = f_string_dynamic_resize(setting_mode_lengths[j], &settings_mode_name_dynamic[j]);
 if (F_status_is_error(*status)) {
 function = "macro_f_string_dynamic_t_resize";
diff --git a/level_3/fake/c/private-build.c b/level_3/fake/c/private-build.c
index c3e7bd6..a67aae1 100644
--- a/level_3/fake/c/private-build.c
+++ b/level_3/fake/c/private-build.c
@@ -810,20 +810,20 @@ extern "C" {
 }
 else {
 if (data_build.setting.build_sources_headers.used) {
- const f_string_static_t *path_sources = &main->path_sources;
+ f_string_static_t path_sources = main->path_sources;
 if (data_build.setting.path_standard) {
- path_sources = &main->path_sources_c;
+ path_sources = main->path_sources_c;
 if (data_build.setting.build_language == fake_build_language_type_cpp) {
- path_sources = &main->path_sources_cpp;
+ path_sources = main->path_sources_cpp;
 }
 }
 else if (main->parameters[fake_parameter_path_sources].result != f_console_result_additional) {
- path_sources = &data_build.setting.path_sources;
+ path_sources = data_build.setting.path_sources;
 }
- const f_array_length_t path_sources_base_length = path_sources->used;
+ const f_array_length_t path_sources_base_length = path_sources.used;
 f_string_static_t path_headers = f_string_static_t_initialize;
 f_array_length_t directory_headers_length = main->path_build_includes.used + data_build.setting.path_headers.used;
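Review bot: The error path directly below the new call still sets `function = "macro_f_string_dynamic_t_resize";`, so a failed resize is reported under the name of the macro this hunk removes; it should read `function = "f_string_dynamic_resize";`. Separately, `settings_mode_name_dynamic` is declared without an initializer in the first hunk of this file, and the new call passes `&settings_mode_name_dynamic[j]` to a resize routine. The lines between the declaration and this call are outside the hunks, so confirm each element is zeroed before this point; otherwise the resize would act on indeterminate pointer and size fields. The enclosing loop starts and ends outside the hunk.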
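Review bot: `f_string_static_t path_sources = main->path_sources;` is a shallow copy, so the local still aliases a string buffer owned by `main` or `data_build.setting`, and the declaration should say so, e.g. `// Shallow, non-owning copy: the buffer belongs to main or data_build.setting and must stay valid and unresized until the fake_build_copy() calls below return.` The commit message only says the crash "appears to be" caused by the pointer form, and nothing in the visible lines shows why a pointer to these members would be invalid. If the underlying storage is released or reallocated on the "load_build yes" path (not visible here), copying the struct by value would hide the fault rather than remove it. A regression case for that fakefile combination, run under AddressSanitizer or valgrind, would settle the root cause. The enclosing function begins and ends outside the hunk.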
@@ -842,14 +842,14 @@ extern "C" {
 path_headers.used = directory_headers_length;
 path_headers.size = directory_headers_length + 1;
- fake_build_copy(main, mode, "header files", *path_sources, path_headers, data_build.setting.build_sources_headers, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
+ fake_build_copy(main, mode, "header files", path_sources, path_headers, data_build.setting.build_sources_headers, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
 if (data_build.setting.build_shared) {
- fake_build_copy(main, mode, "shared header files", *path_sources, path_headers, data_build.setting.build_sources_headers_shared, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
+ fake_build_copy(main, mode, "shared header files", path_sources, path_headers, data_build.setting.build_sources_headers_shared, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
 }
 if (data_build.setting.build_static) {
- fake_build_copy(main, mode, "static header files", *path_sources, path_headers, data_build.setting.build_sources_headers_static, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
+ fake_build_copy(main, mode, "static header files", path_sources, path_headers, data_build.setting.build_sources_headers_static, stage.file_sources_headers, data_build.setting.path_headers_preserve ? path_sources_base_length : 0, &status);
 }
 }
diff --git a/level_3/fake/c/private-common.h b/level_3/fake/c/private-common.h
index 6389857..a1a4697 100644
--- a/level_3/fake/c/private-common.h
+++ b/level_3/fake/c/private-common.h
@@ -221,7 +221,7 @@ extern "C" {
 macro_f_string_dynamics_t_delete_simple(setting.flags_shared) \
 macro_f_string_dynamics_t_delete_simple(setting.flags_static) \
 macro_f_string_dynamics_t_delete_simple(setting.modes) \
- macro_f_string_dynamics_t_delete_simple(setting.modes_default) \
+ macro_f_string_dynamics_t_delete_simple(setting.modes_default)
 #define FAKE_build_setting_name_build_compiler_s "build_compiler"
 #define FAKE_build_setting_name_build_language_s "build_language"
--
1.8.3.1