Out-of-bounds Write for VerboseStr

[ArielSAdamsNASA]

Describe the bug
Bad while loop causing out-of-bounds write

Expected behavior
Fix while loop

Code snips

elf2cfetbl/elf2cfetbl.c

Lines 1927 to 1932 in 10f55fb

	while ((i < sizeof(VerboseStr)) && ((VerboseStr[i] = fgetc(SrcFileDesc)) != '\0'))
	{
	i++;
	}
	VerboseStr[i] = '\0'; /* Just in case i=sizeof(VerboseStr) */

System observed on:
Coverity: https://scan.coverity.com/projects/arielsadamsnasa-cfs-jsf-rules?tab=overview

Additional context
Checking i < 60UL implies that i is 60 on the false branch.

Overrunning array VerboseStr of 60 bytes at byte offset 60 using index i (which evaluates to 60).

Reporter Info
Ariel Adams, ASRC Federal

[himanshu007-creator]

Hi, I would like to work on this issue. Can you guide me further on what needs ti be done ^_^

[skliper]

@himanshu007-creator - I haven't reviewed all the code, but likely could remove the while loop all together and just set the last character as '\0' and use strlen to size the stored symbol name. Something like:

/* Ensure null terminated */
VerboseStr[sizeof(VerboseStr) - 1] = '\0';

SymbolNames[SymbolIndex] = malloc(strlen(VerboseStr) + 1);

Then you can likely also remove i as a variable. For general process see the contribution guide. Feel free to reach out w/ any questions!