uYanki Board Stack-Based Buffer Overflow Vulnerability in I2C HAL Write Function
Vulnerability
A critical stack-based buffer overflow vulnerability has been identified in the uYanki board-stm32f103rc-berial project, affecting versions prior to 84daed541609cb7b46854cc6672a275d1007e295. The vulnerability is in the function heartrate1_i2c_hal_write, located in the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The function copies num + 1 bytes into a fixed-size buffer without validating num against the buffer's size, so a manipulated num parameter overwrites adjacent stack memory. This could lead to arbitrary code execution, a system crash, or unauthorized access.
Impact
Exploitation of this vulnerability allows for a stack-based buffer overflow, where an attacker can overwrite adjacent memory on the stack. This could potentially lead to arbitrary code execution, a system crash, or unauthorized access, depending on the nature of the overwritten data.
Reproduction
To reproduce this vulnerability, the heartrate1_i2c_hal_write function can be called with a num value that exceeds the buffer's maximum capacity. This will cause the function to overwrite adjacent stack memory, which could be exploited to execute arbitrary code or disrupt the application's normal operation.
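The unchecked copy described above, next to a bounds-checked version, as an added example that is not the project's code. The 16-byte buffer size, the names hal_write_unchecked, hal_write_checked and bus_send, and the leading register byte are assumptions, since the page does not give them.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HAL_BUF_SIZE 16u /* assumed size; the page does not state the real one */

/* Stand-in for the I2C transfer: records what would go out on the bus. */
static uint8_t bus_log[HAL_BUF_SIZE];
static size_t bus_len;

static int bus_send(const uint8_t *data, size_t len)
{
    memcpy(bus_log, data, len);
    bus_len = len;
    return 0;
}

/* Pattern from the advisory: num + 1 bytes land in a fixed-size stack
 * buffer and num is never compared against the buffer's capacity. */
int hal_write_unchecked(uint8_t reg, const uint8_t *src, size_t num)
{
    uint8_t buf[HAL_BUF_SIZE];
    buf[0] = reg;
    memcpy(&buf[1], src, num); /* overruns buf when num > HAL_BUF_SIZE - 1 */
    return bus_send(buf, num + 1);
}

/* Hardened form: reject the request before any byte is copied. */
int hal_write_checked(uint8_t reg, const uint8_t *src, size_t num)
{
    uint8_t buf[HAL_BUF_SIZE];
    /* One slot is taken by the register byte, so the payload limit is
     * sizeof buf - 1; comparing num directly avoids a wrap in num + 1. */
    if (src == NULL || num > sizeof buf - 1)
        return -1;
    buf[0] = reg;
    memcpy(&buf[1], src, num);
    return bus_send(buf, num + 1);
}
```

Returning an error instead of truncating keeps a caller from believing a partial register write succeeded.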
