CMFSUPPORT-3765: COVERITY TEST. DO NOT MERGE #86

Closed
snampo768 wants to merge 1 commit into develop from feature/test-workflow

@snampo768

DO NOT MERGE

@snampo768 snampo768 requested review from a team as code owners February 5, 2026 11:26
Copilot AI review requested due to automatic review settings February 5, 2026 11:26

Copilot AI left a comment

Pull request overview

This PR appears to be a test change for Coverity analysis and is explicitly marked "DO NOT MERGE" in both the title and description. The change modifies a sprintf_s call to add an extra format specifier without providing a corresponding argument, introducing a critical bug.

Changes:

  • Modified sprintf_s format string to add a third "%s" specifier without providing a third argument

else
{
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s", pRootName, buffer);
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s%s", pRootName, buffer);
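
Review bot: The changed sprintf_s call in the else branch passes only pRootName and buffer for the three conversions in "%s%s%s", so the third %s has no matching argument. Either keep the format as "%s%s" or pass the third string that the extra conversion is meant to print.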

Copilot AI Feb 5, 2026

This change introduces a critical bug. The format string now contains three format specifiers ("%s%s%s") but only two arguments are provided (pRootName and buffer). This mismatch will cause undefined behavior when sprintf_s attempts to read a third argument that doesn't exist, potentially leading to crashes or memory corruption.

The original code with two format specifiers ("%s%s") correctly matched the two provided arguments. Looking at the similar pattern on line 1236, the else branch on line 1243 should concatenate pRootName and buffer without adding a trailing dot (since buffer already ends with a dot based on the condition on line 1234). The format string should remain "%s%s" with two arguments.

Suggested change
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s%s", pRootName, buffer);
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s", pRootName, buffer);

else
{
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s", pRootName, buffer);
rc = sprintf_s(pFullName, sizeof(pFullName), "%s%s%s", pRootName, buffer);

Coverity Issue - Missing argument to printf format specifier

No argument for format specifier "%s".

Medium Impact, CWE-685
PRINTF_ARGS
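
The count comparison behind the CWE-685 finding above, as an added example that is not code from this pull request, the project, or Coverity: it counts the arguments a format string consumes and compares that with the number actually passed. `fmt_args_needed`, `ARG_COUNT`, `FIRST_ARG` and `FMT_ARGS_MATCH` are hypothetical names, and the strings in `main` are constructed sample values.

```c
#include <stdio.h>
#include <string.h>

/* Number of arguments a printf-style format consumes: one per conversion,
 * plus one for each '*' width or precision. "%%" consumes none.
 * Returns -1 if the format ends in the middle of a conversion. */
int fmt_args_needed(const char *fmt)
{
    int n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')
            continue;                               /* literal percent sign */
        while (*p && strchr("-+ #0", *p)) p++;      /* flags */
        if (*p == '*') { n++; p++; }                /* width taken from an argument */
        else { while (*p >= '0' && *p <= '9') p++; }
        if (*p == '.') {
            p++;
            if (*p == '*') { n++; p++; }            /* precision taken from an argument */
            else { while (*p >= '0' && *p <= '9') p++; }
        }
        while (*p && strchr("hlLjzt", *p)) p++;     /* length modifiers */
        if (*p == '\0')
            return -1;                              /* truncated conversion */
        n++;                                        /* the conversion itself */
    }
    return n;
}

/* Count macro arguments (format included, at most 8 in total). */
#define ARG_COUNT(...)  ARG_COUNT_(__VA_ARGS__, 8, 7, 6, 5, 4, 3, 2, 1, 0)
#define ARG_COUNT_(a1, a2, a3, a4, a5, a6, a7, a8, n, ...) n
#define FIRST_ARG(...)  FIRST_ARG_(__VA_ARGS__, 0)
#define FIRST_ARG_(first, ...) first

/* True when the format needs exactly as many arguments as follow it. */
#define FMT_ARGS_MATCH(...) \
    (fmt_args_needed(FIRST_ARG(__VA_ARGS__)) == ARG_COUNT(__VA_ARGS__) - 1)

int main(void)
{
    /* Constructed sample strings standing in for pRootName and buffer. */
    printf("\"%%s%%s\"   with 2 args: %s\n",
           FMT_ARGS_MATCH("%s%s", "Device.", "Name.") ? "ok" : "MISMATCH");
    printf("\"%%s%%s%%s\" with 2 args: %s\n",
           FMT_ARGS_MATCH("%s%s%s", "Device.", "Name.") ? "ok" : "MISMATCH");
    return 0;
}
```

GCC and Clang make the same comparison at compile time under `-Wformat` for the standard printf family and for any function declared with `__attribute__((format(printf, ...)))`.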

@snampo768

Close PR

@snampo768 snampo768 closed this Feb 5, 2026
@snampo768 snampo768 deleted the feature/test-workflow branch February 5, 2026 11:46
@github-actions github-actions bot locked and limited conversation to collaborators Feb 5, 2026