[riot-notifications] [RIOT-OS/RIOT] nanocoap: fix server-side option_count overflow (#10754)

Kaspar Schleiser notifications at github.com
Sat Jan 12 10:49:53 CET 2019

kaspar030 commented on this pull request.

> @@ -111,6 +111,9 @@ int coap_parse(coap_pkt_t *pkt, uint8_t *buf, size_t len)
                 DEBUG("optpos option_nr=%u %u\n", (unsigned)option_nr, (unsigned)optpos->offset);
+                if (option_count >= NANOCOAP_NOPTS_MAX) {

Yes. The new test seems to be working, it exposed that using "==" here caused to write one behind the options array. So I moved the check to the beginning of the if case.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190112/be27e57e/attachment-0001.html>

More information about the notifications mailing list