Skip to content

RDKEMW-14533 : DO NOT MERGE - fork2#70

Open
PreethiLakshmi91 wants to merge 1 commit intordkcentral:developfrom
PreethiLakshmi91:feature/test-workflows_f
Open

RDKEMW-14533 : DO NOT MERGE - fork2#70
PreethiLakshmi91 wants to merge 1 commit intordkcentral:developfrom
PreethiLakshmi91:feature/test-workflows_f

Conversation

@PreethiLakshmi91
Copy link
Copy Markdown

@PreethiLakshmi91 PreethiLakshmi91 commented Apr 20, 2026

Reason for change: Inclusion of coverity for BT
Test Procedure: NA
Risks: Low
Priority: P2

@ppalan289
RDKEMW-14533 : DO NOT MERGE - fork2
5b9a59d 
Reason for change: Inclusion of coverity for BT
Test Procedure: NA
Risks: Low
Priority: P2

Signed-off-by: ppalan289 <preethi_palanisamy@comcast.com>
Copilot AI review requested due to automatic review settings April 20, 2026 11:12
@PreethiLakshmi91 PreethiLakshmi91 requested a review from a team as a code owner April 20, 2026 11:12
Copilot AI reviewed Apr 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR appears to adjust Bluetooth adapter status callback logic in btrCore as part of “Inclusion of coverity for BT”, but the current change introduces an unsafe memory write.

Changes:

  • Modified the zero-initialization of a local stBTRCoreAdapter structure in btrCore_BTAdapterStatusUpdateCb.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link

Copilot AI Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The memset size is incorrect: lstAdapterInfo is a single stBTRCoreAdapter, but 10*sizeof(stBTRCoreAdapter) will overwrite adjacent stack memory (undefined behavior / potential crash or vulnerability). Use sizeof(lstAdapterInfo) (or sizeof(stBTRCoreAdapter)) as the third argument instead of scaling by 10.

Suggested change
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, sizeof(lstAdapterInfo));

Copilot uses AI. Check for mistakes.
rdkcmf-jenkins
rdkcmf-jenkins reviewed Apr 20, 2026
View reviewed changes
Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link
Copy Markdown
Contributor

@rdkcmf-jenkins rdkcmf-jenkins Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Coverity Issue - Wrong sizeof argument

Passing argument "&lstAdapterInfo" of type "stBTRCoreAdapter *" and argument "480UL" ("10UL * 48UL") to function "memset" is suspicious because "sizeof (stBTRCoreAdapter) /48/" is expected.

Medium Impact, CWE-131
SIZEOF_MISMATCH

Comment thread src/btrCore.c
}

memset(&lstAdapterInfo, 0, sizeof(stBTRCoreAdapter));
memset(&lstAdapterInfo, 0, 10*sizeof(stBTRCoreAdapter));
Copy link
Copy Markdown
Contributor

@rdkcmf-jenkins rdkcmf-jenkins Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Coverity Issue - Out-of-bounds access

Overrunning struct type stBTRCoreAdapter of 48 bytes by passing it to a function which accesses it at byte offset 479 using argument "480UL".

High Impact, CWE-119
OVERRUN

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rdkcmf-jenkins rdkcmf-jenkins rdkcmf-jenkins left review comments

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@PreethiLakshmi91 @rdkcmf-jenkins @ppalan289