Skip to content

fix: replace unsafe strcpy with memcpy in CFE_Assert and CFE_TBL#2760

Open
stark256-spec wants to merge 1 commit into
nasa:devfrom
stark256-spec:fix/strcpy-to-memcpy
Open

fix: replace unsafe strcpy with memcpy in CFE_Assert and CFE_TBL#2760
stark256-spec wants to merge 1 commit into
nasa:devfrom
stark256-spec:fix/strcpy-to-memcpy

Conversation

@stark256-spec

Copy link
Copy Markdown

Summary

Fixes #2737

Static analyzer flagged two unbounded strcpy calls that should use a bounded alternative.

CFE_Assert_OpenLogFile (cfe_assert_init.c)

strcpy was used to append .tmp to the log filename. The preceding bounds check already ensures at least 5 bytes of space remain in the buffer, so replace with memcpy(dst, ".tmp", 5) to copy the 4-character suffix plus null terminator explicitly.

CFE_TBL_MarkNameAsModified (cfe_tbl_internal.c)

strcpy was used to append (*) to the table name. The preceding calculation already ensures at least 4 bytes remain at EndPtr, so replace with memcpy(dst, "(*)", 4) to copy the 3-character suffix plus null terminator explicitly.

Both replacements are semantically identical to the original code — the bounds are already enforced by the surrounding logic — but eliminate the unsafe unbounded copy pattern.

Test plan

  • Existing unit tests pass
  • Static analysis no longer flags these locations

Static analyzer flagged two unbounded strcpy calls (issue nasa#2737):

1. cfe_assert_init.c (CFE_Assert_OpenLogFile): strcpy was used to append
   ".tmp" to the log filename. The preceding bounds check ensures at
   least 5 bytes of space remain, so replace with memcpy(dst, ".tmp", 5)
   which copies the 4-char suffix plus null terminator explicitly.

2. cfe_tbl_internal.c (CFE_TBL_MarkNameAsModified): strcpy was used to
   append "(*)" to the table name. The preceding bounds check ensures at
   least 4 bytes remain, so replace with memcpy(dst, "(*)", 4) which
   copies the 3-char suffix plus null terminator explicitly.

Both replacements are semantically identical but eliminate the unsafe
unbounded copy pattern flagged by static analysis.

Fixes nasa#2737
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Use of strcpy

2 participants