[riot-notifications] [RIOT-OS/RIOT] nanocoap: fix server-side option_count overflow (#10754)

Kaspar Schleiser notifications at github.com
Fri Jan 11 12:26:46 CET 2019


> In the unit test, how do I know that the printed pointer values indicate a good test? Just that they are close to each other? Is it possible to be more specific? It's odd to print values as part of a unit test. I would think it makes more sense to compare the values within the test, and fail the test if the difference is outside of some range.

When I wrote the test, I wasn't sure that it would (without the fix) crash.
The coap options array is the last field in coap_pkt_t. My logic was that if I have pkt on the stack and directly after it another value (guard_value), if coap_parse() exceeded the options array, it would overwrite the guard value. But without getting an address of both of the variables, the compiler might just keep them in registers. Thus the printf...
While writing this I realized that any overflow would go to stack space *before* (or above) pkt, not after (or below), on all our platforms. So I think the guard_value declaration must be moved before pkt.

Does this make sense at all or does anyone have a better idea on how to detect an overflow of the options array?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/10754#issuecomment-453488128
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190111/533f9ee5/attachment-0001.html>


More information about the notifications mailing list