Skip to content

[Coverity CID: 516232] Out-of-bounds access in subsys/net/ip/ipv6.c #90544

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
zephyrbot opened this issue May 25, 2025 · 0 comments · Fixed by #90576
Closed

[Coverity CID: 516232] Out-of-bounds access in subsys/net/ip/ipv6.c #90544

zephyrbot opened this issue May 25, 2025 · 0 comments · Fixed by #90576
Assignees
@jukkar
Labels
area: Networking bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: low Low impact/importance bug

Comments

@zephyrbot
Copy link
Collaborator

Static code scan issues found in file:

https://github.com/zephyrproject-rtos/zephyr/tree/265cfb45a818f39cf03c3527b5d1b21027d3cac1/subsys/net/ip/ipv6.c

Category: Memory - corruptions
Function: net_ipv6_addr_generate_iid
Component: Networking
CID: 516232

Details:

zephyr/subsys/net/ip/ipv6.c

Line 1033 in 265cfb4

memcpy(&tmp_addr.s6_addr[8], lladdr->addr, lladdr->len);

Please fix or provide comments in coverity using the link:

https://scan9.scan.coverity.com/#/project-view/29271/12996?selectedIssue=516232

For more information about the violation, check the Coverity Reference. (CWE-119)

Note: This issue was created automatically. Priority was set based on classification
of the file affected and the impact field in coverity. Assignees were set using the MAINTAINERS file.
@zephyrbot zephyrbot added bug The issue is a bug, or the PR is fixing a bug priority: high High impact/importance bug area: Networking Coverity A Coverity detected issue or its fix labels May 25, 2025
@jukkar jukkar mentioned this issue May 26, 2025
Merged
@jukkar jukkar added priority: low Low impact/importance bug and removed priority: high High impact/importance bug labels May 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jukkar jukkar

Labels
area: Networking bug The issue is a bug, or the PR is fixing a bug Coverity A Coverity detected issue or its fix priority: low Low impact/importance bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

net: ipv6: Make sure we do not access link address past array length jukkar/zephyr
3 participants
@jukkar @rlubos @zephyrbot