mirror of
https://github.com/oliverschmidt/contiki.git
synced 2024-12-22 10:30:13 +00:00
Merge pull request #2249 from nfi/coap-boundary-checks
Added boundary checks when parsing CoAP packets.
commit
d53b6ad23e
@ -529,8 +529,21 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
|
|||||||
++current_option;
|
++current_option;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(current_option + option_length > data + data_len) {
|
||||||
|
/* Malformed CoAP - out of bounds */
|
||||||
|
PRINTF("BAD REQUEST: options outside data packet: %u > %u\n",
|
||||||
|
(unsigned)(current_option + option_length - data), data_len);
|
||||||
|
return BAD_REQUEST_4_00;
|
||||||
|
}
|
||||||
|
|
||||||
option_number += option_delta;
|
option_number += option_delta;
|
||||||
|
|
||||||
|
if(option_number > COAP_OPTION_SIZE1) {
|
||||||
|
/* Malformed CoAP - out of bounds */
|
||||||
|
PRINTF("BAD REQUEST: option number too large: %u\n", option_number);
|
||||||
|
return BAD_REQUEST_4_00;
|
||||||
|
}
|
||||||
|
|
||||||
PRINTF("OPTION %u (delta %u, len %zu): ", option_number, option_delta,
|
PRINTF("OPTION %u (delta %u, len %zu): ", option_number, option_delta,
|
||||||
option_length);
|
option_length);
|
||||||
|
|
||||||
|
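Review bot: The new length check `if(current_option + option_length > data + data_len)` does the addition on the pointer side, so a large `option_length` (printed with `%zu`, so presumably a `size_t` built from the extended-length bytes) can carry `current_option + option_length` past the end of the address space on small targets and wrap to a value below `data + data_len`, which lets an out-of-bounds option through. Comparing against the remaining length avoids the overflow: `if(current_option > data + data_len || option_length > (size_t)(data + data_len - current_option))`. The `++current_option` steps that consume the extended delta and length bytes come before this check and are not bounded in the visible lines, so they may still read past the packet; that part of `coap_parse_message` starts outside the hunk and should be confirmed. The comment on the second check repeats "Malformed CoAP - out of bounds"; a comment such as `/* option_number indexes the option map below; reject values past the last known option */` would say what the limit protects, if that is indeed its purpose.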