RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
Code Releases Activity
75fdaba0ad
RIOT/sys/net/application_layer/nanocoap
History
Benjamin Valentin d4aa8aad10 nanocoap: validate input with NDEBUG 
A malformed or malicious CoAP request may contain invalid field lengths.
`nanocoap` protects with this by using `assert()`, which safely crashes
the application in debug mode.

In release mode the check is removed.

Instead of allowing arbitrary memory writes, return 0 on invalid inputs.

Discovered by [Coverity](https://scan3.coverity.com/reports.htm#v46910/p10250/fileInstanceId=38357789&defectInstanceId=9793779&mergedDefectId=297306)
2020-08-11 15:54:23 +02:00
..
Kconfig net/nanocoap/kconfig: Explicitly define type of MODULE_NANOCOAP 2020-04-27 10:06:01 +02:00
Makefile sys/net/nanocoap: use submodules 2017-12-01 12:55:45 +01:00
nanocoap.c nanocoap: validate input with NDEBUG 2020-08-11 15:54:23 +02:00
sock.c net/coap: Move COAP_MAX_RETRANSMIT to 'CONFIG' namespace 2020-04-24 10:06:43 +02:00