From d5ce42a7baf90de1563b61580ad529cfa2fd81d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Desbiens?= Date: Wed, 24 Jun 2026 07:31:14 -0400 Subject: [PATCH] Flagged txm_module_object_pointer_get as deprecated Added #pragma message compile-time warning to the module library source and updated the DESCRIPTION blocks in both the library and manager implementations. Reason: this wrapper passes UINT_MAX as the name-buffer length to the underlying extended search. The comparison loop can therefore read past the end of a short name buffer, which is undefined behaviour. Callers should use txm_module_object_pointer_get_extended() and supply the actual buffer length. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .../src/txm_module_object_pointer_get.c | 23 ++++++++++++++++--- .../txm_module_manager_object_pointer_get.c | 7 +++--- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/common_modules/module_lib/src/txm_module_object_pointer_get.c b/common_modules/module_lib/src/txm_module_object_pointer_get.c index 6417457a5..fcd7ab1f8 100644 --- a/common_modules/module_lib/src/txm_module_object_pointer_get.c +++ b/common_modules/module_lib/src/txm_module_object_pointer_get.c @@ -23,6 +23,22 @@ #define TXM_MODULE #include "txm_module.h" #ifndef TXM_MODULE_OBJECT_POINTER_GET_CALL_NOT_USED + +/* DEPRECATION NOTICE + * txm_module_object_pointer_get() is deprecated. Do not use it in new code. + * + * WHY: this function passes UINT_MAX as the name-buffer length to the + * underlying search. If the name pointer points to a buffer shorter than + * the searched string, the comparison can read past the end of the buffer, + * which is undefined behaviour. + * + * WHAT TO DO: replace calls with txm_module_object_pointer_get_extended(), + * passing the actual length of the name buffer as the third argument. + */ +#pragma message("txm_module_object_pointer_get() is deprecated. " \ + "Use txm_module_object_pointer_get_extended() and pass " \ + "the actual name buffer length.") + /**************************************************************************/ /* */ /* FUNCTION RELEASE */ @@ -35,9 +51,10 @@ /* */ /* DESCRIPTION */ /* */ -/* This function is deprecated and calls the secure version of this */ -/* function (_txm_module_manager_object_pointer_get_extended) with the */ -/* maximum possible name length since none was passed. */ +/* DEPRECATED. Use _txm_module_object_pointer_get_extended() instead, */ +/* passing the actual name-buffer length. This wrapper passes */ +/* UINT_MAX as the length, which can cause the name-comparison loop */ +/* to read past the end of a short buffer (undefined behaviour). */ /* */ /* INPUT */ /* */ diff --git a/common_modules/module_manager/src/txm_module_manager_object_pointer_get.c b/common_modules/module_manager/src/txm_module_manager_object_pointer_get.c index 84cf6c96e..8b24558ba 100644 --- a/common_modules/module_manager/src/txm_module_manager_object_pointer_get.c +++ b/common_modules/module_manager/src/txm_module_manager_object_pointer_get.c @@ -37,9 +37,10 @@ /* */ /* DESCRIPTION */ /* */ -/* This function is deprecated and calls the secure version of this */ -/* function (_txm_module_manager_object_pointer_get_extended) with the */ -/* maximum possible name length since none was passed. */ +/* DEPRECATED. Use _txm_module_manager_object_pointer_get_extended() */ +/* instead, passing the actual name-buffer length. This wrapper */ +/* passes UINT_MAX as the length, which can cause the name-comparison */ +/* loop to read past the end of a short buffer (undefined behaviour). */ /* */ /* INPUT */ /* */