From cece39c2d031f56bdaeab3811a1034c6f7f5d401 Mon Sep 17 00:00:00 2001 From: jdfiguer Date: Thu, 6 Jun 2024 14:13:49 -0400 Subject: [PATCH] Fix #93, Adds static analysis comments and replace strncpy with snprintf This commit addresses issues flagged during static analysis by: - Adding JSC 2.1 disposition comments. - Replacing strncpy with snprintf to enhance safety and compliance. --- fsw/src/cs_compute.c | 8 ++++---- fsw/src/cs_init.c | 2 +- fsw/src/cs_table_processing.c | 28 +++++++++++++++------------- 3 files changed, 20 insertions(+), 18 deletions(-) diff --git a/fsw/src/cs_compute.c b/fsw/src/cs_compute.c index 7307f05..145c1ff 100644 --- a/fsw/src/cs_compute.c +++ b/fsw/src/cs_compute.c @@ -536,20 +536,20 @@ void CS_RecomputeEepromMemoryChildTask(void) if (Table == CS_EEPROM_TABLE) { - strncpy(TableType, "EEPROM", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "EEPROM"); } if (Table == CS_MEMORY_TABLE) { - strncpy(TableType, "Memory", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Memory"); } if (Table == CS_CFECORE) { - strncpy(TableType, "cFE Core", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "cFE Core"); CS_AppData.HkPacket.Payload.CfeCoreBaseline = NewChecksumValue; } if (Table == CS_OSCORE) { - strncpy(TableType, "OS", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "OS"); CS_AppData.HkPacket.Payload.OSBaseline = NewChecksumValue; } diff --git a/fsw/src/cs_init.c b/fsw/src/cs_init.c index 3476461..bd37afe 100644 --- a/fsw/src/cs_init.c +++ b/fsw/src/cs_init.c @@ -42,7 +42,7 @@ CFE_Status_t CS_SbInit(void) CFE_Status_t Result = CFE_SUCCESS; /* Initialize app configuration data */ - strncpy(CS_AppData.PipeName, CS_CMD_PIPE_NAME, CS_CMD_PIPE_NAME_LEN); + snprintf(CS_AppData.PipeName, sizeof(CS_AppData.PipeName), "%s", CS_CMD_PIPE_NAME); CS_AppData.PipeDepth = CS_PIPE_DEPTH; diff --git a/fsw/src/cs_table_processing.c b/fsw/src/cs_table_processing.c index 405c714..82597f5 100644 --- a/fsw/src/cs_table_processing.c +++ b/fsw/src/cs_table_processing.c @@ -231,6 +231,7 @@ CFE_Status_t CS_ValidateTablesChecksumDefinitionTable(void *TblPtr) StateField = OuterEntry->State; /* Check for non-zero length for table name */ + /* SAD: Using strlen since OuterEntry->Name is null-terminated in cs/fsw/src/cs_table_processing.c::CS_ProcessNewAppDefinitionTable() */ if (strlen(OuterEntry->Name) != 0) { /* Verify valid state definition */ @@ -357,6 +358,7 @@ CFE_Status_t CS_ValidateAppChecksumDefinitionTable(void *TblPtr) } BadCount++; } + /* SAD: Using strlen since OuterEntry->Name is null-terminated in cs/fsw/src/cs_table_processing.c::CS_ProcessNewAppDefinitionTable() */ else if (strlen(OuterEntry->Name) != 0) { /* Verify valid state definition */ @@ -466,7 +468,7 @@ void CS_ProcessNewEepromMemoryDefinitionTable(const CS_Def_EepromMemory_Table_En memcpy(&StartOfResultsTable, ResultsTblPtr, sizeof(StartOfResultsTable)); memcpy(&StartOfDefTable, DefinitionTblPtr, sizeof(StartOfDefTable)); - strncpy(&TableType[0], "Undef Tbl", CS_TABLETYPE_NAME_SIZE); /* Init the table type string */ + snprintf(&TableType[0], CS_TABLETYPE_NAME_SIZE, "%s", "Undef Tbl"); /* Init the table type string */ /* We don't want to be doing chekcksums while changing the table out */ if (Table == CS_EEPROM_TABLE) @@ -528,11 +530,11 @@ void CS_ProcessNewEepromMemoryDefinitionTable(const CS_Def_EepromMemory_Table_En { if (Table == CS_EEPROM_TABLE) { - strncpy(&TableType[0], "EEPROM", CS_TABLETYPE_NAME_SIZE); + snprintf(&TableType[0], CS_TABLETYPE_NAME_SIZE, "%s", "EEPROM"); } if (Table == CS_MEMORY_TABLE) { - strncpy(&TableType[0], "Memory", CS_TABLETYPE_NAME_SIZE); + snprintf(&TableType[0], CS_TABLETYPE_NAME_SIZE, "%s", "Memory"); } CFE_EVS_SendEvent(CS_PROCESS_EEPROM_MEMORY_NO_ENTRIES_INF_EID, CFE_EVS_EventType_INFORMATION, @@ -825,7 +827,7 @@ CFE_Status_t CS_TableInit(CFE_TBL_Handle_t *DefinitionTableHandle, CFE_TBL_Handl osal_id_t Fd = OS_OBJECT_ID_UNDEFINED; char TableType[CS_TABLETYPE_NAME_SIZE]; - strncpy(TableType, "Undef Tbl", CS_TABLETYPE_NAME_SIZE); /* Init table type */ + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Undef Tbl"); /* Init table type */ SizeOfTable = NumEntries * SizeofResultsTableEntry; @@ -904,19 +906,19 @@ CFE_Status_t CS_TableInit(CFE_TBL_Handle_t *DefinitionTableHandle, CFE_TBL_Handl { if (Table == CS_EEPROM_TABLE) { - strncpy(TableType, "EEPROM", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "EEPROM"); } if (Table == CS_MEMORY_TABLE) { - strncpy(TableType, "Memory", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Memory"); } if (Table == CS_TABLES_TABLE) { - strncpy(TableType, "Tables", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Tables"); } if (Table == CS_APP_TABLE) { - strncpy(TableType, "Apps", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Apps"); } CFE_EVS_SendEvent(CS_TBL_INIT_ERR_EID, CFE_EVS_EventType_ERROR, @@ -967,7 +969,7 @@ CFE_Status_t CS_HandleTableUpdate(void *DefinitionTblPtr, void *ResultsTblPtr, C int32 Loop = 0; char TableType[CS_TABLETYPE_NAME_SIZE]; - strncpy(TableType, "Undef Tbl", CS_TABLETYPE_NAME_SIZE); /* Init table type */ + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Undef Tbl"); /* Init table type */ /* Below, there are several values that are returned and assigned, but never evaluated. */ /* This is done so intentionally, as it helps us with Source-Level debugging this functions. */ @@ -1031,19 +1033,19 @@ CFE_Status_t CS_HandleTableUpdate(void *DefinitionTblPtr, void *ResultsTblPtr, C { if (Table == CS_EEPROM_TABLE) { - strncpy(TableType, "EEPROM", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "EEPROM"); } if (Table == CS_MEMORY_TABLE) { - strncpy(TableType, "Memory", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Memory"); } if (Table == CS_TABLES_TABLE) { - strncpy(TableType, "Table", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "Table"); } if (Table == CS_APP_TABLE) { - strncpy(TableType, "App", CS_TABLETYPE_NAME_SIZE); + snprintf(TableType, CS_TABLETYPE_NAME_SIZE, "%s", "App"); } /* There was a problem somewhere, generate an event */