Skip to content

Commit 8554dfa

Browse files
Nancy Zhangclaude
Nancy Zhang
and
claude
committed
fix: Use bounded string functions to prevent over-read on non-null-terminated strings (CWE-126)
Replace strlen/strcmp with strnlen/strncmp across cbv2g_wrapper to address Codacy static analysis findings. No behavioral change for valid null-terminated input. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Nancy Zhang <nancy.zhang@enteligent.com>
1 parent 2bc970d commit 8554dfa

File tree

3 files changed

+19
-14
lines changed

3 files changed

+19
-14
lines changed

iso15118/shared/cbv2g_wrapper/src/apphand_converter.c

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -192,7 +192,7 @@ static int json_to_apphand_req(cJSON* json, struct appHand_supportedAppProtocolR
192192

193193
/* ProtocolNamespace */
194194
const char* ns = json_get_string(item, "ProtocolNamespace");
195-
size_t ns_len = strlen(ns);
195+
size_t ns_len = strnlen(ns, appHand_ProtocolNamespace_CHARACTER_SIZE);
196196
if (ns_len >= appHand_ProtocolNamespace_CHARACTER_SIZE) {
197197
ns_len = appHand_ProtocolNamespace_CHARACTER_SIZE - 1;
198198
}
@@ -220,11 +220,14 @@ static int json_to_apphand_res(cJSON* json, struct appHand_supportedAppProtocolR
220220

221221
/* ResponseCode */
222222
const char* response_code = json_get_string(json, "ResponseCode");
223-
if (strcmp(response_code, "OK_SuccessfulNegotiation") == 0) {
223+
if (strncmp(response_code, "OK_SuccessfulNegotiation",
224+
sizeof("OK_SuccessfulNegotiation")) == 0) {
224225
res->ResponseCode = appHand_responseCodeType_OK_SuccessfulNegotiation;
225-
} else if (strcmp(response_code, "OK_SuccessfulNegotiationWithMinorDeviation") == 0) {
226+
} else if (strncmp(response_code, "OK_SuccessfulNegotiationWithMinorDeviation",
227+
sizeof("OK_SuccessfulNegotiationWithMinorDeviation")) == 0) {
226228
res->ResponseCode = appHand_responseCodeType_OK_SuccessfulNegotiationWithMinorDeviation;
227-
} else if (strcmp(response_code, "Failed_NoNegotiation") == 0) {
229+
} else if (strncmp(response_code, "Failed_NoNegotiation",
230+
sizeof("Failed_NoNegotiation")) == 0) {
228231
res->ResponseCode = appHand_responseCodeType_Failed_NoNegotiation;
229232
} else {
230233
/* Try as integer */

iso15118/shared/cbv2g_wrapper/src/cbv2g_json_wrapper.c

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -51,32 +51,32 @@ static protocol_t get_protocol(const char* namespace) {
5151
return PROTOCOL_UNKNOWN;
5252
}
5353

54-
if (strcmp(namespace, NS_SAP) == 0) {
54+
if (strncmp(namespace, NS_SAP, sizeof(NS_SAP)) == 0) {
5555
return PROTOCOL_SAP;
5656
}
57-
if (strcmp(namespace, NS_DIN_MSG_DEF) == 0) {
57+
if (strncmp(namespace, NS_DIN_MSG_DEF, sizeof(NS_DIN_MSG_DEF)) == 0) {
5858
return PROTOCOL_DIN;
5959
}
60-
if (strcmp(namespace, NS_ISO_V2_MSG_DEF) == 0) {
60+
if (strncmp(namespace, NS_ISO_V2_MSG_DEF, sizeof(NS_ISO_V2_MSG_DEF)) == 0) {
6161
return PROTOCOL_ISO2;
6262
}
63-
if (strcmp(namespace, NS_ISO_V20_COMMON_MSG) == 0) {
63+
if (strncmp(namespace, NS_ISO_V20_COMMON_MSG, sizeof(NS_ISO_V20_COMMON_MSG)) == 0) {
6464
return PROTOCOL_ISO20_COMMON;
6565
}
66-
if (strcmp(namespace, NS_ISO_V20_AC) == 0) {
66+
if (strncmp(namespace, NS_ISO_V20_AC, sizeof(NS_ISO_V20_AC)) == 0) {
6767
return PROTOCOL_ISO20_AC;
6868
}
69-
if (strcmp(namespace, NS_ISO_V20_DC) == 0) {
69+
if (strncmp(namespace, NS_ISO_V20_DC, sizeof(NS_ISO_V20_DC)) == 0) {
7070
return PROTOCOL_ISO20_DC;
7171
}
72-
if (strcmp(namespace, NS_ISO_V20_WPT) == 0) {
72+
if (strncmp(namespace, NS_ISO_V20_WPT, sizeof(NS_ISO_V20_WPT)) == 0) {
7373
return PROTOCOL_ISO20_WPT;
7474
}
75-
if (strcmp(namespace, NS_ISO_V20_ACDP) == 0) {
75+
if (strncmp(namespace, NS_ISO_V20_ACDP, sizeof(NS_ISO_V20_ACDP)) == 0) {
7676
return PROTOCOL_ISO20_ACDP;
7777
}
7878
/* Check for ISO20 base prefix */
79-
if (strncmp(namespace, NS_ISO_V20_BASE, strlen(NS_ISO_V20_BASE)) == 0) {
79+
if (strncmp(namespace, NS_ISO_V20_BASE, sizeof(NS_ISO_V20_BASE) - 1) == 0) {
8080
return PROTOCOL_ISO20_COMMON;
8181
}
8282

iso15118/shared/cbv2g_wrapper/src/json_utils.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -180,7 +180,9 @@ int json_has_key(cJSON* obj, const char* key) {
180180
size_t json_get_bytes(cJSON* obj, const char* key, uint8_t* output, size_t output_size) {
181181
cJSON* item = cJSON_GetObjectItemCaseSensitive(obj, key);
182182
if (item && cJSON_IsString(item)) {
183-
return base64_decode(item->valuestring, strlen(item->valuestring), output, output_size);
183+
size_t max_b64_len = ((output_size + 2) / 3) * 4;
184+
size_t vs_len = strnlen(item->valuestring, max_b64_len);
185+
return base64_decode(item->valuestring, vs_len, output, output_size);
184186
}
185187
return 0;
186188
}

0 commit comments

Comments
 (0)