From 43003ea18adb5be8ef1366a1364b587ecd7529fa Mon Sep 17 00:00:00 2001
From: Jerzy Jamroz <jerzy.jamroz@gmail.com>
Date: Mon, 10 Feb 2025 11:39:34 +0100
Subject: [PATCH] fix: (CWE-126) CodeQL removal.

---
 modules/libcom/src/iocsh/atInit.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/libcom/src/iocsh/atInit.c b/modules/libcom/src/iocsh/atInit.c
index 7338588ae..41622dd4c 100644
--- a/modules/libcom/src/iocsh/atInit.c
+++ b/modules/libcom/src/iocsh/atInit.c
@@ -12,6 +12,7 @@
 #include <initHooks.h>
 #include <iocsh.h>
 #include <string.h>
+#include <epicsTypes.h>
 
 #include "atInit.h"
 
@@ -52,7 +53,7 @@ static void atInitHook(initHookState state)
 
 static struct cmditem *newItem(const char *cmd)
 {
-    const size_t cmd_len = strlen(cmd) + 1;
+    const size_t cmd_len = strnlen(cmd, MAX_STRING_SIZE - 1) + 1;
 
     struct cmditem *item = mallocMustSucceed(sizeof(struct cmditem) + cmd_len, "atInit");
     item->cmd = (char *)(item + 1);