Mirrors_Framework/PX4-Autopilot
1
0
Fork 0
mirror of https://github.com/PX4/PX4-Autopilot.git synced 2026-05-21 21:55:34 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

logger: copy null terminator in write_info memcpy

Browse Source 
clang-tidy flags the memcpy of vlen bytes as
bugprone-not-null-terminated-result because the destination buffer
region is left unterminated in memory.

Copy vlen + 1 bytes (including the source null terminator) so the
buffer is null-terminated in memory. The ULog msg_size is not
incremented for the extra byte — the null sits in the struct's
key_value_str padding and is never written to the log file, preserving
the ULog wire format which does not include a null terminator for
string values.

The bounds check (vlen < sizeof(msg) - msg_size) guarantees at least
one byte of headroom beyond vlen, so vlen + 1 is always within the
struct.

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
This commit is contained in:
Ramon Roche
2026-02-09 15:09:52 -08:00
parent 0646fa6c9d
commit 83a4d648e3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/modules/logger/logger.cpp
+2 -2
View File
@@ -1890,7 +1890,7 @@ void Logger::write_info(LogType type, const char *name, const char *value)
/* copy string value directly to buffer */
if (vlen < (sizeof(msg) - msg_size)) {
memcpy(&buffer[msg_size], value, vlen);
memcpy(&buffer[msg_size], value, vlen + 1);
msg_size += vlen;
msg.msg_size = msg_size - ULOG_MSG_HEADER_LEN;
@@ -1916,7 +1916,7 @@ void Logger::write_info_multiple(LogType type, const char *name, const char *val
/* copy string value directly to buffer */
if (vlen < (sizeof(msg) - msg_size)) {
memcpy(&buffer[msg_size], value, vlen);
memcpy(&buffer[msg_size], value, vlen + 1);
msg_size += vlen;
msg.msg_size = msg_size - ULOG_MSG_HEADER_LEN;