aliasrobotics / RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
https://aliasrobotics.com
GNU General Public License v3.0

RVD#2661: printf, temcmds/tests/test_time.c:128, ... #2661

Closed rvd-bot closed 3 years ago

rvd-bot commented 4 years ago
id: 2661
title: 'RVD#2661: printf, temcmds/tests/test_time.c:128, ...'
type: bug
description: "Check to be sure that the non-constant format string passed as argument\
  \ 1 \n    to this function call does not come from an untrusted source that could\n\
  \    have added formatting characters that the code is not prepared to handle. @\
  \ /opt/px4_ws/Firmware/src/systemcmds/tests/test_time.c128, \n/opt/px4_ws/Firmware/boards/emlid/navio2/navio_rgbled/test/test.cpp65,\
  \ \n/opt/px4_ws/Firmware/platforms/qurt/src/px4/common/px4_qurt_impl.cpp79, \n"
cwe: None
cve: None
keywords:
- rats
- static analysis
- testing
- triage
- bug
- 'version: v1.10.2'
- 'robot component: PX4'
- components software
system: ''
vendor: null
severity:
  rvss-score: 0
  rvss-vector: ''
  severity-description: ''
  cvss-score: 0
  cvss-vector: ''
links:
- https://github.com/aliasrobotics/RVD/issues/2661
flaw:
  phase: testing
  specificity: subject-specific
  architectural-location: application-specific
  application: N/A
  subsystem: N/A
  package: N/A
  languages: None
  date-detected: 2020-06-29 (12:39)
  detected-by: Alias Robotics
  detected-by-method: testing static
  date-reported: 2020-06-29 (12:39)
  reported-by: Alias Robotics
  reported-by-relationship: automatic
  issue: https://github.com/aliasrobotics/RVD/issues/2661
  reproducibility: always
  trace: ''
  reproduction: See artifacts below (if available)
  reproduction-image: gitlab.com/aliasrobotics/offensive/alurity/pipelines/active/pipeline_px4/-/jobs/615577396/artifacts/download
exploitation:
  description: ''
  exploitation-image: ''
  exploitation-vector: ''
  exploitation-recipe: ''
mitigation:
  description: ''
  pull-request: ''
  date-mitigation: ''
rvd-bot commented 3 years ago

Ticket is still missing triage. Closing for inactivity.