From 480d4e17727864f75dc60e22cb1a42e022cb1db3 Mon Sep 17 00:00:00 2001
From: Erhan Kurubas <erhan.kurubas@espressif.com>
Date: Sat, 28 May 2022 08:30:21 +0200
Subject: [PATCH] semihosting: fix accessing memory outside the bounds of the
 fn array

There is an accsess to wrong index, when arm semihosting_basedir
command not used or basedir set to empty string.

Signed-off-by: Erhan Kurubas <erhan.kurubas@espressif.com>
Change-Id: I3afa049d74b30496f5c03ba4ef67431784f81bdc
Fixes: ce5027ab019a ("semihosting: add semihosting_basedir command")
Reviewed-on: https://review.openocd.org/c/openocd/+/7005
Tested-by: jenkins
Reviewed-by: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
---
 src/target/semihosting_common.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/target/semihosting_common.c b/src/target/semihosting_common.c
index 2df6e38ae..0a60eb121 100644
--- a/src/target/semihosting_common.c
+++ b/src/target/semihosting_common.c
@@ -877,9 +877,11 @@ int semihosting_common(struct target *target)
 					semihosting->result = -1;
 					semihosting->sys_errno = ENOMEM;
 				} else {
-					strncpy((char *)fn, semihosting->basedir, basedir_len);
-					if (fn[basedir_len - 1] != '/')
-						fn[basedir_len++] = '/';
+					if (basedir_len > 0) {
+						strcpy((char *)fn, semihosting->basedir);
+						if (fn[basedir_len - 1] != '/')
+							fn[basedir_len++] = '/';
+					}
 					retval = target_read_memory(target, addr, 1, len, fn + basedir_len);
 					if (retval != ERROR_OK) {
 						free(fn);