SCA Finding in CFE_TBL_Load
Describe the bug
Klocwork static analysis tool flagged the following finding:
File: /ccrs/flight-sw/fsw/cfe/modules/tbl/fsw/src/cfe_tbl_api.c
Line: 833
Function: CFE_TBL_Load
Finding: Buffer Overflow - Array Index Out of Bounds
To Reproduce
Run Klocwork tool
Reporter Info
Beth Geist/NASA GSFC
This line? https://github.com/nasa/cFE/blob/03166722cdde3f1b337742088e7137ebacf64734/modules/tbl/fsw/src/cfe_tbl_api.c#L833
This one is entirely plausible. CFE_TBL_Load has been on our list of worst offenders for over complexity. There are so many permutations of possibilities in here, it wouldn't surprise me if there are cases where this has a genuine possibility for out-of-bounds array access.
I wouldn't attempt to "fix" this code though, unless it's done as part of a more comprehensive cleanup intended to reduce the complexity of these operations.
Related issues #483, #600, #1504, #1521, #1750, #1861.
Fixing these known issues would probably make this warning go away as well.