From e5d46f5ae2d0f2fcb07f6dc079b432760999eeb3 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 17 Nov 2025 03:45:09 +0000
Subject: [PATCH 1/4] Initial plan


From 6ce5619a0e970cb0d9c762a152eff22a5b402ebb Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 17 Nov 2025 03:48:58 +0000
Subject: [PATCH 2/4] Remove object name length assertions, keep error messages

- Remove RT_ASSERT from rt_object_init() (line 402)
- Remove RT_ASSERT from rt_object_allocate() (line 518)
- Keep LOG_E error messages to warn about name length issues
- This allows objects with long names to be created with truncation warning

Co-authored-by: Rbb666 <64397326+Rbb666@users.noreply.github.com>
---
 src/object.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/object.c b/src/object.c
index 1d5a211208b..cb4cece3ddb 100644
--- a/src/object.c
+++ b/src/object.c
@@ -399,7 +399,6 @@ void rt_object_init(struct rt_object         *object,
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
-            RT_ASSERT(obj_name_len <= RT_NAME_MAX - 1);
         }
         rt_memcpy(object->name, name, obj_name_len);
         object->name[obj_name_len] = '\0';
@@ -515,7 +514,6 @@ rt_object_t rt_object_allocate(enum rt_object_class_type type, const char *name)
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
-            RT_ASSERT(obj_name_len <= RT_NAME_MAX - 1);
         }
         rt_memcpy(object->name, name, obj_name_len);
         object->name[obj_name_len] = '\0';

From 65c2dee62b05b397cb9e71dd7724bd4dce0cf39a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 17 Nov 2025 03:50:57 +0000
Subject: [PATCH 3/4] Fix buffer overflow when object name exceeds RT_NAME_MAX

- Truncate obj_name_len to RT_NAME_MAX - 1 before memcpy
- Prevents buffer overflow in both rt_object_init() and rt_object_allocate()
- Ensures safe truncation of long object names

Co-authored-by: Rbb666 <64397326+Rbb666@users.noreply.github.com>
---
 src/object.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/object.c b/src/object.c
index cb4cece3ddb..feb2e22e402 100644
--- a/src/object.c
+++ b/src/object.c
@@ -399,6 +399,7 @@ void rt_object_init(struct rt_object         *object,
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
+            obj_name_len = RT_NAME_MAX - 1;
         }
         rt_memcpy(object->name, name, obj_name_len);
         object->name[obj_name_len] = '\0';
@@ -514,6 +515,7 @@ rt_object_t rt_object_allocate(enum rt_object_class_type type, const char *name)
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
+            obj_name_len = RT_NAME_MAX - 1;
         }
         rt_memcpy(object->name, name, obj_name_len);
         object->name[obj_name_len] = '\0';

From 9a4f00c69f71b19a9195d59ebb7a48eae9ac103d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 18 Nov 2025 02:02:45 +0000
Subject: [PATCH 4/4] Use rt_strncpy instead of manual truncation for object
 names

- Replace rt_memcpy with rt_strncpy for safer name handling
- Remove manual obj_name_len truncation
- rt_strncpy automatically handles truncation safely
- Ensure null termination at RT_NAME_MAX - 1

Co-authored-by: Rbb666 <64397326+Rbb666@users.noreply.github.com>
---
 src/object.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/object.c b/src/object.c
index feb2e22e402..507a47894e1 100644
--- a/src/object.c
+++ b/src/object.c
@@ -399,10 +399,9 @@ void rt_object_init(struct rt_object         *object,
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
-            obj_name_len = RT_NAME_MAX - 1;
         }
-        rt_memcpy(object->name, name, obj_name_len);
-        object->name[obj_name_len] = '\0';
+        rt_strncpy(object->name, name, RT_NAME_MAX - 1);
+        object->name[RT_NAME_MAX - 1] = '\0';
     }
     else
     {
@@ -515,10 +514,9 @@ rt_object_t rt_object_allocate(enum rt_object_class_type type, const char *name)
         if(obj_name_len > RT_NAME_MAX - 1)
         {
             LOG_E("Object name %s exceeds RT_NAME_MAX=%d, consider increasing RT_NAME_MAX.", name, RT_NAME_MAX);
-            obj_name_len = RT_NAME_MAX - 1;
         }
-        rt_memcpy(object->name, name, obj_name_len);
-        object->name[obj_name_len] = '\0';
+        rt_strncpy(object->name, name, RT_NAME_MAX - 1);
+        object->name[RT_NAME_MAX - 1] = '\0';
     }
     else
     {