
fixed: Buffer Overflow Vulnerability in countFields Function #245

Open
ayushman1210 wants to merge 8 commits into PecanProject:master from ayushman1210:buffer_overflow


@ayushman1210
Contributor

Buffer Overflow Vulnerability in countFields() Function

Location: src/common/util.c, lines 51-62
Description:
The countFields() function has a fixed-size buffer of 256 bytes but uses strcpy() without bounds checking.

int countFields(const char *line, const char *sep) {
  // strtok modifies string, so we need a copy
  char lineCopy[256];
  strcpy(lineCopy, line);  // UNSAFE - No bounds checking!
  // ... rest of function
}

If the input line parameter exceeds 255 characters (plus null terminator), strcpy() will write beyond the buffer boundary, causing a buffer overflow. This can lead to:

  • Stack corruption
  • Segmentation faults
  • Potential security exploits
  • Unpredictable program behavior

This function is called from:

  • readClimData() in sipnet.c (line 164)
  • checkParamFormat() in modelParams.c (line 129)

Both functions process user-supplied input files, making this an exploitable vulnerability.

Changes made:
Replace strcpy() with strncpy() or use dynamic allocation.
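
An added example, not code from this PR or from the project: the two options named in the description above, written so that neither can overrun or leave the copy unterminated. The names countTokens, countFieldsDyn, countFieldsBounded and demoLongLine, the -1 error return, and the assumption that the elided body counts strtok() tokens are all hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed behaviour of the elided "rest of function": count strtok()
 * tokens in a writable buffer. strtok() is not thread-safe. */
static int countTokens(char *buf, const char *sep) {
  int n = 0;
  for (char *tok = strtok(buf, sep); tok != NULL; tok = strtok(NULL, sep)) {
    n++;
  }
  return n;
}

/* Hypothetical name. The copy is sized from the input, so no line length
 * can overrun it. Returns -1 on bad arguments or allocation failure. */
int countFieldsDyn(const char *line, const char *sep) {
  if (line == NULL || sep == NULL) return -1;
  size_t len = strlen(line);
  char *copy = malloc(len + 1);
  if (copy == NULL) return -1;
  memcpy(copy, line, len + 1); /* len + 1 also copies the terminating NUL */
  int n = countTokens(copy, sep);
  free(copy);
  return n;
}

/* Hypothetical name. Keeps the 256-byte stack buffer but rejects lines that
 * do not fit: a bare strncpy(copy, line, sizeof copy) leaves the copy
 * unterminated at 256+ characters, and truncating would undercount fields. */
int countFieldsBounded(const char *line, const char *sep) {
  char copy[256];
  if (line == NULL || sep == NULL) return -1;
  size_t len = strlen(line);
  if (len >= sizeof copy) return -1; /* over-long line: report, do not copy */
  memcpy(copy, line, len + 1);
  return countTokens(copy, sep);
}

/* Constructed input: 400 space-separated fields, 800 characters. */
int demoLongLine(int bounded) {
  char line[801];
  for (int i = 0; i < 400; i++) {
    line[2 * i] = '1';
    line[2 * i + 1] = ' ';
  }
  line[800] = '\0';
  return bounded ? countFieldsBounded(line, " ") : countFieldsDyn(line, " ");
}
```

With either variant, callers such as readClimData() and checkParamFormat() would need to treat a -1 return as a malformed line instead of a field count.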

@ayushman1210
Contributor Author

Hi @dlebauer @Alomir just wanted to check in and see if you had any thoughts on this PR when you get a chance.
Happy to make changes or answer questions.
Thanks!!

Collaborator

@Alomir Alomir left a comment


Thanks for the work on this!

@ayushman1210 ayushman1210 requested a review from Alomir February 3, 2026 18:07
2 participants