[Coverity CID :206606] Out-of-bounds access in tests/bluetooth/uuid/src/main.c

[zephyrbot]

Static code scan issues found in file:

https://github.com/zephyrproject-rtos/zephyr/tree/c9a2a5e7fb0194bfb168f5aa1a0a83c73f62acb3/tests/bluetooth/uuid/src/main.c#L44

Category: Memory - corruptions
Function: test_uuid_cmp
Component: Tests
CID: 206606

Details:

26     {
27         /* Compare UUID 16 bits */
28         zassert_false(bt_uuid_cmp(&uuid_16.uuid, BT_UUID_DECLARE_16(0xffff)),
29                  "Test UUIDs don't match");
30    
31         /* Compare UUID 128 bits */
>>>     CID 206606:    (OVERRUN)
>>>     Overrunning array "struct bt_uuid_16 [1]({{.uuid = {BT_UUID_TYPE_16}, .val = 65535}})" of 4 bytes by passing it to a function which accesses it at byte offset 16.
32         zassert_false(bt_uuid_cmp(&uuid_128.uuid, BT_UUID_DECLARE_16(0xffff)),
33                  "Test UUIDs don't match");
34    
35         /* Compare UUID 16 bits with UUID 128 bits */
36         zassert_false(bt_uuid_cmp(&uuid_16.uuid, &uuid_128.uuid),
37                  "Test UUIDs don't match");
34    
35         /* Compare UUID 16 bits with UUID 128 bits */
36         zassert_false(bt_uuid_cmp(&uuid_16.uuid, &uuid_128.uuid),
37                  "Test UUIDs don't match");
38    
39         /* Compare different UUID 16 bits */
>>>     CID 206606:    (OVERRUN)
>>>     Overrunning array "struct bt_uuid_16 [1]({{.uuid = {BT_UUID_TYPE_16}, .val = 0}})" of 4 bytes by passing it to a function which accesses it at byte offset 16.
40         zassert_true(bt_uuid_cmp(&uuid_16.uuid, BT_UUID_DECLARE_16(0x0000)),
41                  "Test UUIDs match");
42    
43         /* Compare different UUID 128 bits */
44         zassert_true(bt_uuid_cmp(&uuid_128.uuid, BT_UUID_DECLARE_16(0x000)),
45                  "Test UUIDs match");
22         0xfb, 0x34, 0x9b, 0x5f, 0x80, 0x00, 0x00, 0x80,
23         0x00, 0x10, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00);
24    
25     static void test_uuid_cmp(void)
26     {
27         /* Compare UUID 16 bits */
>>>     CID 206606:    (OVERRUN)
>>>     Overrunning array "struct bt_uuid_16 [1]({{.uuid = {BT_UUID_TYPE_16}, .val = 65535}})" of 4 bytes by passing it to a function which accesses it at byte offset 16.
28         zassert_false(bt_uuid_cmp(&uuid_16.uuid, BT_UUID_DECLARE_16(0xffff)),
29                  "Test UUIDs don't match");
30    
31         /* Compare UUID 128 bits */
32         zassert_false(bt_uuid_cmp(&uuid_128.uuid, BT_UUID_DECLARE_16(0xffff)),
33                  "Test UUIDs don't match");
38    
39         /* Compare different UUID 16 bits */
40         zassert_true(bt_uuid_cmp(&uuid_16.uuid, BT_UUID_DECLARE_16(0x0000)),
41                  "Test UUIDs match");
42    
43         /* Compare different UUID 128 bits */
>>>     CID 206606:    (OVERRUN)
>>>     Overrunning array "struct bt_uuid_16 [1]({{.uuid = {BT_UUID_TYPE_16}, .val = 0}})" of 4 bytes by passing it to a function which accesses it at byte offset 16.
44         zassert_true(bt_uuid_cmp(&uuid_128.uuid, BT_UUID_DECLARE_16(0x000)),
45                  "Test UUIDs match");
46     }
47    
48     static void test_uuid_create(void)
49     {

Please fix or provide comments in coverity using the link:

https://scan9.coverity.com/reports.htm#v32951/p12996.

Note: This issue was created automatically. Priority was set based on classification
of the file affected and the impact field in coverity. Assignees were set using the CODEOWNERS file.

[jhedberg]

Marked as false positive in Coverity (like pretty much all bt_uuid issues)