1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
19994: nanocoap: prevent integer underflow in coap_opt_put_uri_pathquery() r=miri64 a=benpicco





Co-authored-by: Benjamin Valentin <benjamin.valentin@ml-pa.com>
This commit is contained in:
bors[bot] 2023-10-24 09:20:51 +00:00 committed by GitHub
commit 61ae692ae9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -902,8 +902,15 @@ size_t coap_opt_put_string_with_len(uint8_t *buf, uint16_t lastonum, uint16_t op
size_t coap_opt_put_uri_pathquery(uint8_t *buf, uint16_t *lastonum, const char *uri) size_t coap_opt_put_uri_pathquery(uint8_t *buf, uint16_t *lastonum, const char *uri)
{ {
size_t len;
const char *query = strchr(uri, '?'); const char *query = strchr(uri, '?');
size_t len = query ? (size_t)(query - uri - 1) : strlen(uri);
if (query) {
len = (query == uri) ? 0 : (query - uri - 1);
} else {
len = strlen(uri);
}
size_t bytes_out = coap_opt_put_string_with_len(buf, *lastonum, size_t bytes_out = coap_opt_put_string_with_len(buf, *lastonum,
COAP_OPT_URI_PATH, COAP_OPT_URI_PATH,
uri, len, '/'); uri, len, '/');