Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possible Buffer Underrun in cfe_fs_decompress.c [MMS-IVV-013] [OBS-1238] [GSFC DCR 22838] #135

Closed
skliper opened this issue Sep 30, 2019 · 3 comments · Fixed by #638 or #692
Closed

Possible Buffer Underrun in cfe_fs_decompress.c [MMS-IVV-013] [OBS-1238] [GSFC DCR 22838] #135

skliper opened this issue Sep 30, 2019 · 3 comments · Fixed by #638 or #692
Assignees
@skliper
Labels
bug
Milestone
Bootes

Comments

@skliper
Copy link
Contributor

skliper commented Sep 30, 2019

Source Code File: cfe\fsw\cfe-core\src\fs\cfe_fs_decompress.c
Line 530
Output from Code Analysis tool: "Buffer overflow, array index of 'x' may be outside the bounds. Array 'x' of size 17 declared at line 367 may use inde"
   
{{{
530  while ( ( i & ((1 << w) - 1) ) != x[h] ) {
531   h--;  /* don't need to update q */
532      w -= l;  
}}}

The array x could be under run if h attains a value of -1. This will occur if the condition does not evaluate to true before h is decremented below 0. This could also lead to an infinitely executing loop.
@skliper
Copy link
Contributor Author

skliper commented Sep 30, 2019

Imported from trac issue 104. Created by sstrege on 2015-08-28T15:09:02, last modified: 2019-03-01T15:27:58

@skliper skliper self-assigned this Sep 30, 2019
@skliper skliper added the bug label Sep 30, 2019
@skliper
Copy link
Contributor Author

skliper commented Sep 30, 2019

Trac comment by glimes on 2016-10-18 15:07:03:

Remove my name from many tickets (where it was applied by default), so others can tell that there are tickets that need some attention.

@skliper skliper removed their assignment Sep 30, 2019
@skliper skliper added this to the 6.8.0 milestone Feb 26, 2020
@skliper
Copy link
Contributor Author

skliper commented Feb 26, 2020

#399, #291 - plan to deprecate.

@skliper skliper self-assigned this Apr 24, 2020
skliper added a commit to skliper/cFE that referenced this issue Apr 24, 2020
@skliper
Fix nasa#399, Deprecate decompress
954ba6b 
Removes untraced capabilities to decompress libraries or
apps on load.  For non-startup apps, FS can be used.  For
startup, recommendation is to compress/decompress as part
of boot/startup vs individual applications/libs at load.

Also fixes nasa#291, by deprecating decompress it can be moved
to the FS app.

Also makes nasa#135 N/A, static code analysis issues in decompress
@skliper skliper mentioned this issue Apr 24, 2020
Merged
skliper added a commit to skliper/cFE that referenced this issue Apr 24, 2020
@skliper
Fix nasa#399, Deprecate decompress
9b6278c 
Removes untraced capabilities to decompress libraries or
apps on load.  For non-startup apps, FS can be used.  For
startup, recommendation is to compress/decompress as part
of boot/startup vs individual applications/libs at load.

Also fixes nasa#291, by deprecating decompress it can be moved
to the FS app.

Also makes nasa#135 N/A, static code analysis issues in decompress
skliper added a commit to skliper/cFE that referenced this issue Apr 28, 2020
@skliper
Fix nasa#399, Deprecate decompress
fec76a6 
Removes untraced capabilities to decompress libraries or
apps on load.  For non-startup apps, FS can be used.  For
startup, recommendation is to compress/decompress as part
of boot/startup vs individual applications/libs at load.

Also fixes nasa#291, by deprecating decompress it can be moved
to the FS app.

Also makes nasa#135 N/A, static code analysis issues in decompress
skliper added a commit to skliper/cFE that referenced this issue May 8, 2020
@skliper
Fix nasa#399, Deprecate decompress
56e024c 
Removes untraced capabilities to decompress libraries or
apps on load.  For non-startup apps, FS can be used.  For
startup, recommendation is to compress/decompress as part
of boot/startup vs individual applications/libs at load.

Also fixes nasa#291, by deprecating decompress it can be moved
to the FS app.

Also makes nasa#135 N/A, static code analysis issues in decompress
@skliper skliper linked a pull request May 19, 2020 that will close this issue
Integration Candidate COMBINED 2020-04-29 and 2020-05-06 #692
Merged
@skliper skliper closed this as completed May 19, 2020
@astrogeco astrogeco changed the title MMS-IVV-013 (OBS-1238) - Static Code Analysis: Possible Buffer Underrun in cfe_fs_decompress.c (GSFC DCR 22838) Static Code Analysis: Possible Buffer Underrun in cfe_fs_decompress.c [MMS-IVV-013] [OBS-1238] [GSFC DCR 22838] Oct 1, 2020
@astrogeco astrogeco changed the title Static Code Analysis: Possible Buffer Underrun in cfe_fs_decompress.c [MMS-IVV-013] [OBS-1238] [GSFC DCR 22838] Possible Buffer Underrun in cfe_fs_decompress.c [MMS-IVV-013] [OBS-1238] [GSFC DCR 22838] Oct 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@skliper skliper

Labels
bug
Projects
None yet
Milestone
Bootes
1 participant
@skliper