[riot-notifications] [RIOT-OS/RIOT] nanocoap: fix server-side option_count overflow (#10754)

Kaspar Schleiser notifications at github.com
Mon Jan 14 11:49:37 CET 2019


> The only remaining question for me is why are there 42 options in guard_data instead of only one or two. When I allowed the parse to overwrite the guard data, I found the overwrite occurred in the first few bytes.

@nmeum provided this packet in his original report, and I was lazy enough to take it as-is. The number just needs to be higher than ```NANOCOAP_NOPT_MAX```. (42 seemed to be the right answer after thinking for 7.5 million years.) I've added a note stating that 42 is basically randomly chosen.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/10754#issuecomment-453964489
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190114/779f5881/attachment-0001.html>


More information about the notifications mailing list