[Coverity CID :219637] Untrusted value as argument in tests/net/lib/coap/src/main.c #33045

zephyrbot · 2021-03-07T00:54:30Z

Static code scan issues found in file:

https:/zephyrproject-rtos/zephyr/tree/bd97359a5338b2542d19011b6d6aa1d8d1b9cc3f/tests/net/lib/coap/src/main.c

Category: Insecure data handling
Function: test_parse_req_build_empty_ack
Component: Tests
CID: 219637

Details:

zephyr/tests/net/lib/coap/src/main.c

Line 637 in bd97359

k_free(ack_data);

Please fix or provide comments in coverity using the link:

https://scan9.coverity.com/reports.htm#v32951/p12996.

Note: This issue was created automatically. Priority was set based on classification
of the file affected and the impact field in coverity. Assignees were set using the CODEOWNERS file.

The text was updated successfully, but these errors were encountered:

rlubos · 2021-03-08T12:08:02Z

This is a false positive.

Coverity reports that Function coap_header_get_id returns tainted data.

This is not the case as any value that fits into uint16_t range is a good one - there's nothing to validate here.

zephyrbot added bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: low Low impact/importance bug labels Mar 7, 2021

zephyrbot assigned rlubos Mar 7, 2021

rlubos closed this as completed Mar 8, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Coverity CID :219637] Untrusted value as argument in tests/net/lib/coap/src/main.c #33045

[Coverity CID :219637] Untrusted value as argument in tests/net/lib/coap/src/main.c #33045

zephyrbot commented Mar 7, 2021

rlubos commented Mar 8, 2021

[Coverity CID :219637] Untrusted value as argument in tests/net/lib/coap/src/main.c #33045

[Coverity CID :219637] Untrusted value as argument in tests/net/lib/coap/src/main.c #33045

Comments

zephyrbot commented Mar 7, 2021

rlubos commented Mar 8, 2021