diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index 6e47acbf6..805f0474d 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -29,6 +29,7 @@ jobs:
 -DPLGD_DEV_TIME_ENABLED=ON
 -DOC_ETAG_ENABLED=ON
 -DOC_JSON_ENCODER_ENABLED=ON
+ -DPLGD_DEV_DEVICE_PROVISIONING_ENABLED=ON
 -B ${{github.workspace}}/build
 - uses: vapier/coverity-scan-action@v1
diff --git a/api/oc_endpoint.c b/api/oc_endpoint.c
index 16ba8ca4a..785ad5738 100644
--- a/api/oc_endpoint.c
+++ b/api/oc_endpoint.c
@@ -171,7 +171,10 @@ oc_endpoint_to_cstring(const oc_endpoint_t *endpoint, char *buffer,
 return -1;
 }
 // overflow check for coverity scan
- assert(len <= INT_MAX - written && "Integer overflow detected");
+ // assert(len <= INT_MAX - written && "Integer overflow detected");
+ if (len > INT_MAX - written) {
+ return -1;
+ }
 return len + written;
 }
diff --git a/util/jsmn/jsmn.c b/util/jsmn/jsmn.c
index 83e5c89cd..5b3fd8e63 100644
--- a/util/jsmn/jsmn.c
+++ b/util/jsmn/jsmn.c
@@ -249,7 +249,10 @@ jsmn_parse_next_char(jsmn_parser_t *parser, jsmntok_t *token, const char *js,
 return r;
 }
 // overflow check for coverity scan
- assert(count <= INT_MAX - r && "Integer overflow detected");
+ // assert(count <= INT_MAX - r && "Integer overflow detected");
+ if (count > INT_MAX - r) {
+ return -1
+ }
 count += r;
 break;
 }
@@ -299,7 +302,10 @@ jsmn_parse(jsmn_parser_t *parser, const char *js, const size_t len,
 return r;
 }
 // overflow check for coverity scan
- assert(count <= INT_MAX - r && "Integer overflow detected");
+ // assert(count <= INT_MAX - r && "Integer overflow detected");
+ if (count > INT_MAX - r) {
+ return -1
+ }
 count += r;
 }
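Review bot: The commented-out `assert(len <= INT_MAX - written ...)` kept above the new guard in oc_endpoint_to_cstring is dead code, and the comment over it still describes the check as something done only for the Coverity scan. The `if` now also runs in builds where an assert would be compiled out under NDEBUG, so it is a real guard against signed overflow in `len + written`; delete the commented line and reword the comment, e.g. `// reject a total length that does not fit in int`. The test `len > INT_MAX - written` presumably relies on `written` being non-negative at this point; the earlier part of the function is outside the hunk, so that should be confirmed.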
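Review bot: The added `return -1` in the jsmn_parse_next_char guard has no terminating semicolon, so util/jsmn/jsmn.c should fail to compile as written; the same line is repeated in the jsmn_parse hunk at -299/+302, and both should read `return -1;`. The commented-out assert above each guard is dead code and is better deleted than kept. If this copy keeps upstream jsmn's error codes, a bare -1 is indistinguishable from JSMN_ERROR_NOMEM, so callers would report an overflowed token count as out-of-tokens; a named error constant would make the intent explicit, but the enum is not visible here. Both functions start and end outside the hunks.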