From 922831b8494e71cffe2ef55e20e95275f1faaf6d Mon Sep 17 00:00:00 2001
From: Kevin Day <thekevinday@gmail.com>
Date: Sat, 9 Jul 2022 17:19:55 -0500
Subject: [PATCH] Security: Invalid read when using -s/--settings in fake
 program.

The Featureless Make -s/--settings parameter handling code has a typoe where the wrong enumeration is used.
This results in an invalid read.
---
 level_3/fake/c/private-fake.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/level_3/fake/c/private-fake.c b/level_3/fake/c/private-fake.c
index 171d7c9..30617ad 100644
--- a/level_3/fake/c/private-fake.c
+++ b/level_3/fake/c/private-fake.c
@@ -603,7 +603,7 @@ extern "C" {
 
       // If a custom --data or a custom --settings parameter is passed and uses an absolute or relative to current path, then do not check.
       if (data->main->parameters.array[fake_parameter_settings_e].result == f_console_result_additional_e) {
-        const f_array_length_t index = data->main->parameters.array[fake_parameter_fakefile_e].values.array[data->main->parameters.array[fake_parameter_fakefile_e].values.used - 1];
+        const f_array_length_t index = data->main->parameters.array[fake_parameter_settings_e].values.array[data->main->parameters.array[fake_parameter_settings_e].values.used - 1];
 
         if (f_path_is_absolute(data->main->parameters.arguments.array[index]) == F_true || f_path_is_relative_current(data->main->parameters.arguments.array[index]) == F_true) {
           parameters_required[1] = F_none;
-- 
1.8.3.1