This is an automated email from the ASF dual-hosted git repository. janc pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
commit a0ba149932e91496327d28d5bbcfaac7750f0359 Author: Magdalena Kasenberg <magdalena.kasenb...@codecoup.pl> AuthorDate: Tue Feb 23 20:11:46 2021 +0100 sensors/bmp388: Fix untrusted loop bound Coverity issue 204145 --- hw/drivers/sensors/bmp388/src/bmp388.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/hw/drivers/sensors/bmp388/src/bmp388.c b/hw/drivers/sensors/bmp388/src/bmp388.c index 75f062f..0c48c61 100644 --- a/hw/drivers/sensors/bmp388/src/bmp388.c +++ b/hw/drivers/sensors/bmp388/src/bmp388.c @@ -2448,9 +2448,14 @@ bmp3_get_fifo_data(const struct bmp3_dev *dev) BMP388_LOG_ERROR("*****fifo_len added timefifo length is %d\n", fifo_len); #endif } - /* Update the fifo length in the fifo structure */ - dev->fifo->data.byte_count = fifo_len; + + if (fifo_len > sizeof(fifo->data.buffer)) { + rslt = BMP3_E_INVALID_LEN; + } + if (rslt == BMP3_OK) { + /* Update the fifo length in the fifo structure */ + dev->fifo->data.byte_count = fifo_len; /* Read the fifo data */ rslt = bmp3_get_regs(BMP3_FIFO_DATA_ADDR, fifo->data.buffer, fifo_len, dev); }