Implemented a check in coap_parse() to verify if TKL value is within valid range as specified by RFC7252. The token length must be within 0-8 range, any other value should be considered as invalid and the packet should produce message format error.
A test case was added to tests-nanocoap.c to verify correct behavior in case of TKL in range and out of range.
Update sys/net/application_layer/nanocoap/nanocoap.c
Prefixed debug message with module name and abbreviations expanded.
Co-authored-by: Martine Lenders <mail@martine-lenders.eu>
Update sys/net/application_layer/nanocoap/nanocoap.c
Prefixed debug message with module name and abbreviations expanded.
Co-authored-by: Martine Lenders <mail@martine-lenders.eu>
If token length in the header was longer than actually provided in the following payload, read out of the input buffer bounds or processing of data beyond the actual input packet bound could happen. In order to remove the risk, the options loop condition was modified to early detect the condition and abort packet processing if a malformed packet is detected.
nanocoap: Added pointer range check after token length parsing.
Added a check to verify if the current packet parsing pointer is still within the packet boundaries after incrementing by the token length declared in the header. If packet is malformed an error code is returned.
nanocoap: Combined packet length checks
Combined packet length checks after reading token length and processing options into a single packet length validation after the options parsing loop. The entry to the options parsing loop is safe as the while loop condition protects against entering the loop if the token length was invalid.
saul_reg_rm can not be used safely unless in tight coordination with the
application. This points out the issue, puts the onus of making sure
nobody calls vanishing registrations on the device driver and deprecates
the call (as the requirements for correct usage are practically
impossible to fulfull for a generic driver).
This removes a preliminar dependency resolution that is performed
without including features, to skip a full dependency resolution when
boards can be proven to be unsupported on an earlier stage.
This was introducing issues on some boards since the blacklisting of
some features depends on board information which is not available at the
time of performing this resolution.
When using eval the function board_unsatisfied_features is evaluated
twice, in the first evaluation this will lead to the previous value
for `BOARDS` to be expanded, so escape all occurrences.
When the SPI peripheral is disabled, the output lines will become HIGH-Z.
If the clk pin is not pulled HIGH or LOW, connected SPI slaves will start drawing current expectedly.