This is an automated email from the ASF dual-hosted git repository. xiaoxiang781216 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/nuttx-apps.git
commit 78bf19c83c30730ae2331911a5a57f760734ee10 Author: fangpeina <[email protected]> AuthorDate: Thu Dec 4 18:07:15 2025 +0800 system/nxinit: prevent parser from reading past string boundry Any string ending with whitespace passed to init_parse_arguments() could cause the parser to advance past the string boundary and read unintended memory content. - " echo "A" \0& echo "B" should be parsed as a command with two argvs instand of five. - "command arg " may lead to uncertain results. Signed-off-by: fangpeina <[email protected]> --- system/nxinit/parser.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/system/nxinit/parser.c b/system/nxinit/parser.c index 11c90c00d..f88b74e69 100644 --- a/system/nxinit/parser.c +++ b/system/nxinit/parser.c @@ -46,7 +46,7 @@ int init_parse_arguments(FAR char *buf, bool dup, int argc, FAR char **argv) bool new = true; int i = 0; - while (*buf != '\0') + for (; ; ) { while (isblank(*buf)) { @@ -91,6 +91,11 @@ int init_parse_arguments(FAR char *buf, bool dup, int argc, FAR char **argv) } } + if (*buf == '\0') + { + break; + } + if (new) { argv[i++] = buf;
