github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[693] Fix handling of null bytes in received strings.

Browse Source 
Thanks to Umberto Boscolo.

Bug: https://github.com/eclipse/mosquitto/issues/693
pull/584/merge
Roger A. Light 8 years ago
parent 1b702538f9
commit c001e778c1
3 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File

1
ChangeLog.txt
Unescape Escape View File

@ -44,6 +44,7 @@ Broker:
- IPv6 is no longer disabled for websockets listeners. - IPv6 is no longer disabled for websockets listeners.
- Remove all build timestamp information including $SYS/broker/timestamp. - Remove all build timestamp information including $SYS/broker/timestamp.
Close #651. Close #651.
- Correctly handle incoming strings that contain a NULL byte. Closes #693.
Client library: Client library:
- Outgoing messages with QoS>1 are no longer retried after a timeout period. - Outgoing messages with QoS>1 are no longer retried after a timeout period.

2
lib/utf8_mosq.c
Unescape Escape View File

@ -26,7 +26,7 @@ int mosquitto_validate_utf8(const char *str, int len)
const unsigned char *ustr = (const unsigned char *)str; const unsigned char *ustr = (const unsigned char *)str;
if(!str) return MOSQ_ERR_INVAL; if(!str) return MOSQ_ERR_INVAL;
if(len < 1 || len > 65536) return MOSQ_ERR_INVAL; if(len < 0 || len > 65536) return MOSQ_ERR_INVAL;
for(i=0; i<len; i++){ for(i=0; i<len; i++){
if(ustr[i] == 0){ if(ustr[i] == 0){

21
src/handle_connect.c
Unescape Escape View File

@ -37,7 +37,7 @@ Contributors:
# include <libwebsockets.h> # include <libwebsockets.h>
#endif #endif
static char *client_id_gen(struct mosquitto_db *db) static char *client_id_gen(struct mosquitto_db *db, int *idlen)
{ {
char *client_id; char *client_id;
#ifdef WITH_UUID #ifdef WITH_UUID
@ -47,23 +47,24 @@ static char *client_id_gen(struct mosquitto_db *db)
#endif #endif
#ifdef WITH_UUID #ifdef WITH_UUID
client_id = (char *)mosquitto__calloc(37 + db->config->auto_id_prefix_len, sizeof(char)); *idlen = 36 + db->config->auto_id_prefix_len;
#else
*idlen = 64 + db->config->auto_id_prefix_len;
#endif
client_id = (char *)mosquitto__calloc((*idlen) + 1, sizeof(char));
if(!client_id){ if(!client_id){
return NULL; return NULL;
} }
if(db->config->auto_id_prefix){ if(db->config->auto_id_prefix){
memcpy(client_id, db->config->auto_id_prefix, db->config->auto_id_prefix_len); memcpy(client_id, db->config->auto_id_prefix, db->config->auto_id_prefix_len);
} }
#ifdef WITH_UUID
uuid_generate_random(uuid); uuid_generate_random(uuid);
uuid_unparse_lower(uuid, &client_id[db->config->auto_id_prefix_len]); uuid_unparse_lower(uuid, &client_id[db->config->auto_id_prefix_len]);
#else #else
client_id = (char *)mosquitto__calloc(65 + db->config->auto_id_prefix_len, sizeof(char));
if(!client_id){
return NULL;
}
if(db->config->auto_id_prefix){
memcpy(client_id, db->config->auto_id_prefix, db->config->auto_id_prefix_len);
}
for(i=0; i<64; i++){ for(i=0; i<64; i++){
client_id[i+db->config->auto_id_prefix_len] = (rand()%73)+48; client_id[i+db->config->auto_id_prefix_len] = (rand()%73)+48;
} }
@ -240,7 +241,7 @@ int handle__connect(struct mosquitto_db *db, struct mosquitto *context)
rc = MOSQ_ERR_PROTOCOL; rc = MOSQ_ERR_PROTOCOL;
goto handle_connect_error; goto handle_connect_error;
}else{ }else{
client_id = client_id_gen(db); client_id = client_id_gen(db, &slen);
if(!client_id){ if(!client_id){
rc = MOSQ_ERR_NOMEM; rc = MOSQ_ERR_NOMEM;
goto handle_connect_error; goto handle_connect_error;

Write Preview
Loading…
Cancel
Save