Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Coverity CID: 220536] Pointer to local outside scope in subsys/net/lib/lwm2m/lwm2m_engine.c #34005

Closed
zephyrbot opened this issue Apr 3, 2021 · 0 comments · Fixed by #34075
Closed

[Coverity CID: 220536] Pointer to local outside scope in subsys/net/lib/lwm2m/lwm2m_engine.c #34005

zephyrbot opened this issue Apr 3, 2021 · 0 comments · Fixed by #34075
Assignees
@rlubos
Labels
area: Networking bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: medium Medium impact/importance bug

Comments

@zephyrbot
Copy link
Collaborator

Static code scan issues found in file:

https://github.com/zephyrproject-rtos/zephyr/tree/b86f7addae05add0db45d9b528854235fbb93a48/subsys/net/lib/lwm2m/lwm2m_engine.c#L573

Category: Memory - illegal accesses
Function: lwm2m_path_log_strdup
Component: Networking
CID: 220536

Details:

zephyr/subsys/net/lib/lwm2m/lwm2m_engine.c

Line 573 in b86f7ad

return log_strdup(buf); 

567             cur += sprintf(buf + cur, "/%u", path->res_id);
568         }
569         if (path->level > 3) {
570             cur += sprintf(buf + cur, "/%u", path->res_inst_id);
571         }
572    
>>>     CID 220536:  Memory - illegal accesses  (RETURN_LOCAL)
>>>     Returning result of calling "log_strdup".
573         return log_strdup(buf);
574     }
575     #endif /* CONFIG_LOG */
576    
577     #if defined(CONFIG_LWM2M_CANCEL_OBSERVE_BY_PATH)
578     static int engine_remove_observer_by_path(struct lwm2m_obj_path *path)

Please fix or provide comments in coverity using the link:

https://scan9.coverity.com/reports.htm#v29271/p12996

Note: This issue was created automatically. Priority was set based on classification
of the file affected and the impact field in coverity. Assignees were set using the CODEOWNERS file.
@zephyrbot zephyrbot added bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: medium Medium impact/importance bug labels Apr 3, 2021
@rlubos rlubos mentioned this issue Apr 7, 2021
Merged
rlubos added a commit to rlubos/zephyr that referenced this issue Apr 26, 2021
@rlubos
net: lwm2m: Fix lwm2m_path_log_strdup buffer usage
9e6cf7e 
Currently the lwm2m_path_log_strdup allocates a temporary buffer on a
stack, and then passes it to the log_strdup function to create a copy
of the string for the logger. log_strdup however will not copy the
string if for instance immediate logging is used, therefore the logging
function will still use the memory address of the already invalid buffer
allocated within lwm2m_path_log_strdup.

Fix this by passing an addittional `buf` parameter to the
lwm2m_path_log_strdup function, therefore allowing the user to provide
the buffer within a valid scope.

CID: 220536
Fixes zephyrproject-rtos#34005

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
carlescufi pushed a commit that referenced this issue Apr 28, 2021
@rlubos @carlescufi
net: lwm2m: Fix lwm2m_path_log_strdup buffer usage
653c987 
Currently the lwm2m_path_log_strdup allocates a temporary buffer on a
stack, and then passes it to the log_strdup function to create a copy
of the string for the logger. log_strdup however will not copy the
string if for instance immediate logging is used, therefore the logging
function will still use the memory address of the already invalid buffer
allocated within lwm2m_path_log_strdup.

Fix this by passing an addittional `buf` parameter to the
lwm2m_path_log_strdup function, therefore allowing the user to provide
the buffer within a valid scope.

CID: 220536
Fixes #34005

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rlubos rlubos

Labels
area: Networking bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: medium Medium impact/importance bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

net: lwm2m: Fix lwm2m_path_log_strdup buffer usage rlubos/zephyr
3 participants
@jukkar @rlubos @zephyrbot