From 32afef040b5d3252d86f1785e294b74ec0d5682a Mon Sep 17 00:00:00 2001
From: Sympact06 <47295195+sympact06@users.noreply.github.com>
Date: Tue, 7 Apr 2026 13:59:20 +0200
Subject: [PATCH 1/2] fix: bounds-guard m_directories access in
 DpCatalog::fillBinaryTree (#4521)

---
 Svc/DpCatalog/DpCatalog.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Svc/DpCatalog/DpCatalog.cpp b/Svc/DpCatalog/DpCatalog.cpp
index 15749255efb..1fa2ec837ef 100644
--- a/Svc/DpCatalog/DpCatalog.cpp
+++ b/Svc/DpCatalog/DpCatalog.cpp
@@ -381,7 +381,10 @@ Fw::CmdResponse DpCatalog::fillBinaryTree() {
     FwSizeType totalFiles = 0;
 
     // get file listings from file system
-    for (FwSizeType dir = 0; dir < this->m_numDirectories; dir++) {
+    const FwSizeType numDirs = (this->m_numDirectories <= DP_MAX_DIRECTORIES)
+                                   ? this->m_numDirectories
+                                   : static_cast<FwSizeType>(DP_MAX_DIRECTORIES);
+    for (FwSizeType dir = 0; dir < numDirs; dir++) {
         // read in each directory and keep track of total
         this->log_ACTIVITY_LO_ProcessingDirectory(this->m_directories[dir]);
         FwSizeType filesRead = 0;

From fac345d2e512b0e3a80e86d0c15ba145b1efef9a Mon Sep 17 00:00:00 2001
From: Thomas Boyer-Chammard <49786685+thomas-bc@users.noreply.github.com>
Date: Thu, 30 Apr 2026 18:27:06 -0700
Subject: [PATCH 2/2] add double bounds check instead

---
 Svc/DpCatalog/DpCatalog.cpp | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/Svc/DpCatalog/DpCatalog.cpp b/Svc/DpCatalog/DpCatalog.cpp
index 8e472e0131c..961397040f1 100644
--- a/Svc/DpCatalog/DpCatalog.cpp
+++ b/Svc/DpCatalog/DpCatalog.cpp
@@ -381,10 +381,8 @@ Fw::CmdResponse DpCatalog::fillBinaryTree() {
     FwSizeType totalFiles = 0;
 
     // get file listings from file system
-    const FwSizeType numDirs = (this->m_numDirectories <= DP_MAX_DIRECTORIES)
-                                   ? this->m_numDirectories
-                                   : static_cast<FwSizeType>(DP_MAX_DIRECTORIES);
-    for (FwSizeType dir = 0; dir < numDirs; dir++) {
+    // double bounds to appease static analysis
+    for (FwSizeType dir = 0; dir < this->m_numDirectories && dir < static_cast<FwSizeType>(DP_MAX_DIRECTORIES); dir++) {
         // read in each directory and keep track of total
         this->log_ACTIVITY_LO_ProcessingDirectory(this->m_directories[dir]);
         FwSizeType filesRead = 0;