semihosting: fix accessing memory outside the bounds of the fn array

There is an accsess to wrong index, when arm semihosting_basedir
command not used or basedir set to empty string.

Signed-off-by: Erhan Kurubas <erhan.kurubas@espressif.com>
Change-Id: I3afa049d74b30496f5c03ba4ef67431784f81bdc
Fixes: ce5027ab019a ("semihosting: add semihosting_basedir command")
Reviewed-on: https://review.openocd.org/c/openocd/+/7005
Tested-by: jenkins
Reviewed-by: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>

diff --git a/src/target/semihosting_common.c b/src/target/semihosting_common.c
index 2df6e38aeaadbfd10dceb847770b06ff82a17004..0a60eb12118203d9a21a43445d18767c4643aeb2 100644 (file)
--- a/src/target/semihosting_common.c
+++ b/src/target/semihosting_common.c
@@ -877,9 +877,11 @@ int semihosting_common(struct target *target)
                                        semihosting->result = -1;
                                        semihosting->sys_errno = ENOMEM;
                                } else {
-                                       strncpy((char *)fn, semihosting->basedir, basedir_len);
-                                       if (fn[basedir_len - 1] != '/')
-                                               fn[basedir_len++] = '/';
+                                       if (basedir_len > 0) {
+                                               strcpy((char *)fn, semihosting->basedir);
+                                               if (fn[basedir_len - 1] != '/')
+                                                       fn[basedir_len++] = '/';
+                                       }
                                        retval = target_read_memory(target, addr, 1, len, fn + basedir_len);
                                        if (retval != ERROR_OK) {
                                                free(fn);