From 002ae3b232d0e83ed26cf097b4e52209ece1bf7e Mon Sep 17 00:00:00 2001 From: Shell Date: Tue, 21 May 2024 18:02:40 +0800 Subject: [PATCH] [dfsv2] fixup out-of-memory access This change addresses a potential out-of-memory access issue in the devfs filesystem component. The issue arises when the `rt_malloc` function allocates memory for a path string without accounting for the null terminator, leading to undefined behavior. As the manual documented: > DESCRIPTION > The strlen() function calculates the length of the string pointed to > by s, excluding the terminating null byte ('\0'). To fix this, the memory allocation size was increased by one byte to ensure space for the null terminator. This prevents potential out-of-memory access and ensures proper string termination. Signed-off-by: Shell --- components/dfs/dfs_v2/filesystems/devfs/devfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/dfs/dfs_v2/filesystems/devfs/devfs.c b/components/dfs/dfs_v2/filesystems/devfs/devfs.c index d2f340e1058..6db468fb5f6 100644 --- a/components/dfs/dfs_v2/filesystems/devfs/devfs.c +++ b/components/dfs/dfs_v2/filesystems/devfs/devfs.c @@ -427,7 +427,7 @@ mode_t dfs_devfs_device_to_mode(struct rt_device *device) static void dfs_devfs_mkdir(const char *fullpath, mode_t mode) { int len = rt_strlen(fullpath); - char *path = (char *)rt_malloc(len); + char *path = (char *)rt_malloc(len + 1); if (path) {