From 326d5908e02fd8ac33fa05100d92d2043587e271 Mon Sep 17 00:00:00 2001
From: Bryan Roe <git.bryan.roe@techsavvydude.com>
Date: Fri, 13 Nov 2020 00:47:03 -0800
Subject: [PATCH] Added max length guard

---
 microscript/ILibDuktape_ChildProcess.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/microscript/ILibDuktape_ChildProcess.c b/microscript/ILibDuktape_ChildProcess.c
index 2bdb90e..cd434fb 100644
--- a/microscript/ILibDuktape_ChildProcess.c
+++ b/microscript/ILibDuktape_ChildProcess.c
@@ -412,10 +412,13 @@ duk_ret_t ILibDuktape_ChildProcess_execFile(duk_context *ctx)
 	int uid = -1;
 	char **envargs = NULL;
 
+	if (nargs > 32) { return(ILibDuktape_Error(ctx, "Too many parameters")); }
+
 	for (i = 0; i < nargs; ++i)
 	{
 		if (duk_is_array(ctx, i) != 0)
 		{
+			if (duk_get_length(ctx, i) > 255) { return(ILibDuktape_Error(ctx, "Array too big")); }
 			int arrLen = (int)duk_get_length(ctx, i);
 #ifdef WIN32
 			args = (char**)_alloca((arrLen + 1) * sizeof(char*));