1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00

nanocoap: prevent integer underflow in coap_opt_put_uri_pathquery()

If uri contains no path but only a query "?foo=bar" `len` would underflow.
Fix this by detecting if there is no path.

Reported by @Yu3H0
This commit is contained in:
Benjamin Valentin 2023-10-19 14:00:03 +02:00
parent 3a4ec8d21e
commit 0fa04a3d57

View File

@ -902,8 +902,15 @@ size_t coap_opt_put_string_with_len(uint8_t *buf, uint16_t lastonum, uint16_t op
size_t coap_opt_put_uri_pathquery(uint8_t *buf, uint16_t *lastonum, const char *uri) size_t coap_opt_put_uri_pathquery(uint8_t *buf, uint16_t *lastonum, const char *uri)
{ {
size_t len;
const char *query = strchr(uri, '?'); const char *query = strchr(uri, '?');
size_t len = query ? (size_t)(query - uri - 1) : strlen(uri);
if (query) {
len = (query == uri) ? 0 : (query - uri - 1);
} else {
len = strlen(uri);
}
size_t bytes_out = coap_opt_put_string_with_len(buf, *lastonum, size_t bytes_out = coap_opt_put_string_with_len(buf, *lastonum,
COAP_OPT_URI_PATH, COAP_OPT_URI_PATH,
uri, len, '/'); uri, len, '/');