zephyrproject-rtos / zephyr

Primary Git Repository for the Zephyr Project. Zephyr is a new generation, scalable, optimized, secure RTOS for multiple hardware architectures.
https://docs.zephyrproject.org
Apache License 2.0

[Coverity CID: 366275] Untrusted array index read in drivers/sensor/grow_r502a/grow_r502a.c #74762

Open zephyrbot opened 3 months ago

zephyrbot commented 3 months ago

Static code scan issues found in file:

https://github.com/zephyrproject-rtos/zephyr/tree/dcf42917c550714d2457947538b9e29d083e872e/drivers/sensor/grow_r502a/grow_r502a.c

Category: Insecure data handling

Function: r502a_validate_rx_packet

Component: Drivers

CID: 366275

Details:

https://github.com/zephyrproject-rtos/zephyr/blob/dcf42917c550714d2457947538b9e29d083e872e/drivers/sensor/grow_r502a/grow_r502a.c#L106

Please fix or provide comments in Coverity using the link:

https://scan9.scan.coverity.com/#/project-view/29271/12996?selectedIssue=366275

For more information about the violation, check the Coverity Reference. (CWE-129)

Note: This issue was created automatically. Priority was set based on classification of the file affected and the impact field in Coverity. Assignees were set using the MAINTAINERS file.

MaureenHelm commented 3 months ago

@DineshDK03 please take a look