Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Coverity report potential string overflow in transport_udp.cpp #1735

Closed
danielwangksu opened this issue Jul 2, 2019 · 2 comments · Fixed by #1771
Closed

Coverity report potential string overflow in transport_udp.cpp #1735

danielwangksu opened this issue Jul 2, 2019 · 2 comments · Fixed by #1771

Comments

@danielwangksu
Copy link
Contributor

danielwangksu commented Jul 2, 2019
edited
Loading

Using Coverity static analysis tool report a potential string overflow in the following code:

(10) Event fixed_size_dest: You might overrun the 128-character fixed-size string "namebuf" by copying the return value of "inet_ntoa" without checking the length.

ros_comm/clients/roscpp/src/libros/transport/transport_udp.cpp

Line 715 in 29053c4

strcpy(namebuf, inet_ntoa(sin->sin_addr));

(12) Event fixed_size_dest: | You might overrun the 128-character fixed-size string "namebuf" by copying the return value of "inet_ntoa" without checking the length.

ros_comm/clients/roscpp/src/libros/transport/transport_tcp.cpp

Line 744 in 29053c4

strcpy(namebuf, inet_ntoa(sin->sin_addr));

(15) Event fixed_size_dest: | You might overrun the 128-character fixed-size string "namebuf" by copying the return value of "inet_ntoa" without checking the length.

ros_comm/clients/roscpp/src/libros/transport/transport_tcp.cpp

Line 291 in 29053c4

strcpy(namebuf, inet_ntoa(address->sin_addr));

@danielwangksu danielwangksu mentioned this issue Jul 22, 2019
Merged
@jspricke
Copy link
Member

This just got a public CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13566
can we release new versions?

@vmayoral vmayoral mentioned this issue Nov 28, 2019
Closed
@vmayoral
Copy link

vmayoral commented Nov 28, 2019
edited
Loading

Connected to aliasrobotics/RVD#918

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fixing string check danielwangksu/ros_comm
3 participants
@jspricke @vmayoral @danielwangksu