Fix #???, address sanitizer failure in FS

Add self-defense check in CFE_FS_ParseInputFileNameEx() in case the input buffer size passed in is greater than the length of the input string. Technically, this could be argued as an incorrect call/input, but it is something the function could check for and avoid reading past the final null char.
jphickey · Jun 5, 2024 · 81a817a · 81a817a
1 parent 505baa1
commit 81a817a
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/modules/fs/fsw/src/cfe_fs_api.c b/modules/fs/fsw/src/cfe_fs_api.c
@@ -405,8 +405,17 @@ int32 CFE_FS_ParseInputFileNameEx(char *OutputBuffer, const char *InputBuffer, s
     /* If input buffer is not empty, then use it, otherwise use DefaultInput */
     if (InputBuffer != NULL && InputBufSize > 0 && InputBuffer[0] != 0)
     {
+        InputPtr = memchr(InputBuffer, 0, InputBufSize);
+        if (InputPtr != NULL)
+        {
+            InputLen = InputPtr - InputBuffer;
+        }
+        else
+        {
+            InputLen = InputBufSize;
+        }
+
         InputPtr = InputBuffer;
-        InputLen = InputBufSize;
     }
     else if (DefaultInput != NULL)
     {