Skip to content

RDKEMW-14533 : DO NOT MERGE#69

Open
PreethiLakshmi91 wants to merge 1 commit intodevelopfrom
feature/test-workflows
Open

RDKEMW-14533 : DO NOT MERGE#69
PreethiLakshmi91 wants to merge 1 commit intodevelopfrom
feature/test-workflows

Conversation

@PreethiLakshmi91
Copy link
Copy Markdown

@PreethiLakshmi91 PreethiLakshmi91 commented Apr 20, 2026

Reason for change: Inclusion of coverity for BT
Test Procedure: NA
Risks: Low
Priority: P2

@ppalan289
RDKEMW-14533 : DO NOT MERGE
b9409cf 
Reason for change: Inclusion of coverity for BT
Test Procedure: NA
Risks: Low
Priority: P2

Signed-off-by: ppalan289 <preethi_palanisamy@comcast.com>
Copilot AI review requested due to automatic review settings April 20, 2026 11:03
@PreethiLakshmi91 PreethiLakshmi91 requested a review from a team as a code owner April 20, 2026 11:03
Copilot AI reviewed Apr 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates btrCore_BTAdapterStatusUpdateCb() initialization logic, ostensibly to address Coverity findings related to BT adapter handling.

Changes:

  • Modifies the memset() size used to zero-initialize a local stBTRCoreAdapter instance.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link

Copilot AI Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

memset() is clearing 10*sizeof(stBTRCoreAdapter) bytes starting at &lstAdapterInfo, but lstAdapterInfo is a single stBTRCoreAdapter local variable. This writes past the stack object and is a memory corruption bug. Use sizeof(lstAdapterInfo) (or sizeof(stBTRCoreAdapter)) as the third argument; if an array is intended, declare an array and update all uses accordingly.

Suggested change
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, sizeof(lstAdapterInfo));

Copilot uses AI. Check for mistakes.
rdkcmf-jenkins
rdkcmf-jenkins reviewed Apr 20, 2026
View reviewed changes
Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link
Copy Markdown
Contributor

@rdkcmf-jenkins rdkcmf-jenkins Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Coverity Issue - Wrong sizeof argument

Passing argument "&lstAdapterInfo" of type "stBTRCoreAdapter *" and argument "480UL" ("10UL * 48UL") to function "memset" is suspicious because "sizeof (stBTRCoreAdapter) /48/" is expected.

Medium Impact, CWE-131
SIZEOF_MISMATCH

Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link
Copy Markdown
Contributor

@rdkcmf-jenkins rdkcmf-jenkins Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Coverity Issue - Out-of-bounds access

Overrunning struct type stBTRCoreAdapter of 48 bytes by passing it to a function which accesses it at byte offset 479 using argument "480UL".

High Impact, CWE-119
OVERRUN

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rdkcmf-jenkins rdkcmf-jenkins rdkcmf-jenkins left review comments

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@PreethiLakshmi91 @rdkcmf-jenkins @ppalan289