mirror/mongoose
1
0
Fork 0
mirror of https://github.com/cesanta/mongoose.git synced 2024-11-24 19:19:00 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Harden MQTT variable length parsing

Browse Source 
PUBLISHED_FROM=e16ee57bc30277e5b5684e53da78e69baaf9f779
This commit is contained in:
Deomid Ryabkov 2017-09-06 14:37:33 +03:00 committed by Cesanta Bot
parent abf89d32d9
commit 77e44c7c0e
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
mongoose.c
View File

@ -9943,11 +9943,12 @@ MG_INTERNAL int parse_mqtt(struct mbuf *io, struct mg_mqtt_message *mm) {
lc = *((const unsigned char *) p++); lc = *((const unsigned char *) p++);
len += (lc & 0x7f) << 7 * len_len; len += (lc & 0x7f) << 7 * len_len;
len_len++; len_len++;
if (!(lc & 0x80) || (len_len > sizeof(len))) break; if (!(lc & 0x80)) break;
if (len_len > 4) return -2;
} }
end = p + len; end = p + len;
if (lc & 0x80 || end > io->buf + io->len) { if (lc & 0x80 || len > (io->len - (p - io->buf))) {
return -1; return -1;
} }