From 85507981000e5d68788a3ff00f66adb1b0aca842 Mon Sep 17 00:00:00 2001
From: Dana Robinson <43805+derobins@users.noreply.github.com>
Date: Mon, 16 Oct 2023 10:20:18 -0700
Subject: Fix invalid memory access in S3 comms (#3681)

In the ros3 VFD, passing an empty string parameter to an internal
API call could result in accessing the -1th element of a string.
This would cause failures on big-endian systems like s390x.

This parameter is now checked before writing to the string.

Fixes GitHub #1168
---
 src/H5FDs3comms.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/H5FDs3comms.c b/src/H5FDs3comms.c
index 58fc435..dae1149 100644
--- a/src/H5FDs3comms.c
+++ b/src/H5FDs3comms.c
@@ -1713,7 +1713,8 @@ H5FD_s3comms_aws_canonical_request(char *canonical_request_dest, int _cr_size, c
     } /* end while node is not NULL */
 
     /* remove trailing ';' from signed headers sequence */
-    signed_headers_dest[strlen(signed_headers_dest) - 1] = '\0';
+    if (*signed_headers_dest != '\0')
+        signed_headers_dest[strlen(signed_headers_dest) - 1] = '\0';
 
     /* append signed headers and payload hash
      * NOTE: at present, no HTTP body is handled, per the nature of
-- 
cgit v0.12