From d7a02342e5c154c46b5dc1fc84b05189d3b8eca5 Mon Sep 17 00:00:00 2001 From: Jerzy Jamroz Date: Fri, 7 Feb 2025 09:41:25 +0100 Subject: [PATCH] fix: CodeQL check failure. Possibly wrong buffer size in string copy (Critical) --- modules/libcom/src/iocsh/atInit.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/libcom/src/iocsh/atInit.c b/modules/libcom/src/iocsh/atInit.c index 7eba93dc7..c6a79d616 100644 --- a/modules/libcom/src/iocsh/atInit.c +++ b/modules/libcom/src/iocsh/atInit.c @@ -52,11 +52,13 @@ static void atInitHook(initHookState state) static struct cmditem* newItem(char* cmd) { - struct cmditem* item = mallocMustSucceed(sizeof(struct cmditem) + strlen(cmd) + 1, + size_t cmd_len = strlen(cmd) + 1; + + struct cmditem* item = mallocMustSucceed(sizeof(struct cmditem) + cmd_len, ERL_ERROR " atInit: " "failed to allocate memory for cmditem\n"); item->cmd = (char*)(item + 1); - strncpy(item->cmd, cmd, strlen(cmd) + 1); + strncpy(item->cmd, cmd, cmd_len); ellAdd(&s_cmdlist, &item->node);