RVD#3279: Check to be sure that argument 2 passed to this function call will not..., ...batt_smbus/batt_smbus.cpp:607,618,629, ...
rvd-bot opened this issue · 0 comments
rvd-bot commented
id: 3279
title: 'RVD#3279: Check to be sure that argument 2 passed to this function call will
not..., ...batt_smbus/batt_smbus.cpp:607,618,629, ...'
type: bug
description: "Check to be sure that argument 2 passed to this function call will not\n\
\ copy more data than can be handled, resulting in a buffer overflow. @ /opt/px4_ws/Firmware/src/drivers/batt_smbus/batt_smbus.cpp607,618,629,\
\ \n/opt/px4_ws/Firmware/src/drivers/linux_sbus/linux_sbus.cpp106,283, \n/opt/px4_ws/Firmware/src/modules/mavlink/mavlink_main.cpp1495,\
\ \n/opt/px4_ws/Firmware/src/modules/micrortps_bridge/micrortps_client/microRTPS_client_main.cpp89,\
\ \n/opt/px4_ws/Firmware/msg/templates/urtps/microRTPS_transport.cpp255, \n"
cwe: None
cve: None
keywords:
- rats
- static analysis
- testing
- triage
- bug
- 'version: v1.7.0'
- 'robot component: PX4'
- components software
system: ''
vendor: null
severity:
rvss-score: 0
rvss-vector: ''
severity-description: ''
cvss-score: 0
cvss-vector: ''
links:
- https://github.com/aliasrobotics/RVD/issues/3279
flaw:
phase: testing
specificity: subject-specific
architectural-location: application-specific
application: N/A
subsystem: N/A
package: N/A
languages: None
date-detected: 2020-06-29 (21:16)
detected-by: Alias Robotics
detected-by-method: testing static
date-reported: 2020-06-29 (21:16)
reported-by: Alias Robotics
reported-by-relationship: automatic
issue: https://github.com/aliasrobotics/RVD/issues/3279
reproducibility: always
trace: ''
reproduction: See artifacts below (if available)
reproduction-image: gitlab.com/aliasrobotics/offensive/alurity/pipelines/active/pipeline_px4/-/jobs/616402716/artifacts/download
exploitation:
description: ''
exploitation-image: ''
exploitation-vector: ''
exploitation-recipe: ''
mitigation:
description: ''
pull-request: ''
date-mitigation: ''