Skip to content

fix(host/msc): Fix potential buffer overwrite#416

Open
tore-espressif wants to merge 1 commit intomasterfrom
fix/MSC-004
Open

fix(host/msc): Fix potential buffer overwrite#416
tore-espressif wants to merge 1 commit intomasterfrom
fix/MSC-004

Conversation

@tore-espressif
Copy link
Collaborator

@tore-espressif tore-espressif commented Feb 18, 2026

fix(host/msc): Fix potential buffer overwrite

@tore-espressif tore-espressif self-assigned this Feb 18, 2026
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 18, 2026
View reviewed changes
host/class/msc/usb_host_msc/src/msc_host.c
if (xfer->actual_num_bytes > size) {
ret = ESP_ERR_INVALID_SIZE;
} else {
memcpy(data, xfer->data_buffer, xfer->actual_num_bytes);

Check warning

Code scanning / clang-tidy

Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] Warning

Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@tore-espressif tore-espressif

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tore-espressif

Comments