Skip to content

fix: use bounded strlcpy/snprintf in io-mpi.c#199

Open
orbisai0security wants to merge 16 commits into
ROSS-org:developfrom
orbisai0security:fix-v-001-core-rio-io-mpi.c
Open

fix: use bounded strlcpy/snprintf in io-mpi.c#199
orbisai0security wants to merge 16 commits into
ROSS-org:developfrom
orbisai0security:fix-v-001-core-rio-io-mpi.c

Conversation

@orbisai0security
Copy link
Copy Markdown

@orbisai0security orbisai0security commented May 20, 2026

Summary

Fix critical severity security issue in core/rio/io-mpi.c.

Vulnerability

Field Value
ID V-001
Severity CRITICAL
Scanner multi_agent_ai
Rule V-001
File core/rio/io-mpi.c:39

Description: Two unbounded strcpy calls in core/rio/io-mpi.c copy external strings into fixed-size buffers without any length validation. At line 39, strcpy(model_version, sha1) copies a SHA1 string from checkpoint metadata into a fixed buffer. At line 108, strcpy(g_io_checkpoint_name, master_filename) copies a user-supplied filename without bounds checking. If either source string exceeds the destination buffer size, the overflow overwrites adjacent stack memory including return addresses or saved frame pointers, enabling arbitrary code execution.

Changes

  • core/rio/io-mpi.c

Verification

  • Build passes
  • Scanner re-scan confirms fix
  • LLM code review passed

Automated security fix by OrbisAI Security

nmcglohon and others added 16 commits July 11, 2022 17:44
@nmcglohon
Fix our usage of GetGitRevisionDescription to match new functions (RO…
a9a7f8d 
…SS-org#187)
@helq
Merge pull request ROSS-org#193 from ROSS-org/develop
f27cff5 
New ROSS version 8.1.0 !
@helq
Fail when exceeding the maximum size of the tiebreaker signature when…
6aa1725 
… calling tw_trigger_gvt_hook_now
@helq
Merge branch 'master' into fix-now-trigger
241b2ed
@helq
Merge pull request ROSS-org#194 from ROSS-org/fix-now-trigger
3a19b9b 
Fixing GVT hook trigger when called by LPs
@caitlinross
add base build for github actions
d4ac2b2
@caitlinross
add missing sys/time.h include
55c4883
@caitlinross
remove .travis.yml
7ddb2ac
@caitlinross
Merge pull request ROSS-org#197 from ROSS-org/basic-ghactions-ci
270dfce 
Adding basic GitHub Actions CI build. Just one linux build with mpich for now. Removed .travis.yml
@caitlinross
add CLAUDE.md file
2d0b6d5
@caitlinross
remove USE_DAMARIS build path
9791cdf 
RISA is quite old and relies on a very old version of Damaris. Disabling
for now, with plans to rewrite RISA in the future.
@caitlinross
remove outdated coveralls setup
8f5e7da
@caitlinross
enable codecov
f358dd1
@caitlinross
removing old ross-config file as it doesn't seem to be used by CODES
5e14a26
@caitlinross
CMake improvements: remove old code (ROSS-org#198)
ad2198d 
Removing the USE_DAMARIS path in the build since RISA is quite out of
date and I highly doubt anyone uses it. Will hopefully do a rewrite of
RISA in the future!

Removed old coveralls build and added codecov. Apparently we had it
enabled previously, so it is comparing coverage of this PR to 5 years
ago, so the comparison is not meaningful. I believe future PRs would
then have coverage compared to recent changes after this is merged. We
can explore increasing coverage in the future.

Removed the ross-config because AFAICT it's not actually used by CODES.
I locally tested a CODES build after removing it and it was fine. As
part of this overhaul of CMake and CI, I'll eventually add a contract
test in ROSS CI so we can ensure PRs don't break CODES

Also this PR adds an initial CLAUDE.md file as I've been using it for
development.
@orbisai0security
fix: use bounded strlcpy/snprintf in io-mpi.c
38c9970 
Two unbounded strcpy calls in core/rio/io-mpi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@orbisai0security @nmcglohon @helq @caitlinross