[riot-notifications] [RIOT-OS/RIOT] net/nanocoap: validate option length (#10823)
notifications at github.com
Fri Jan 18 18:52:24 CET 2019
### Contribution description
The Buffer Append API added in #9085 uses the coap_pkt_t struct to track the amount of buffer space remaining as the CoAP PDU is built. _add_opt_pkt() is the low level function in that API to add an option to the buffer. This function uses coap_put_option() to actually write to the buffer. However, that function is part of the minimal Buffer Put API, and does not check the length of the buffer before writing. This PR updates _add_opt_pkt() to test the available buffer space *before* writing the option.
The PR also adds function documentation for _put_delta_optlen(), which writes the option header, and a unit test for building a message that completely fills the buffer.
The use of an assert in _add_opt_pkt() when the buffer is too small is not ideal. We plan to create a follow-on PR that returns a negative value from the function so the caller can recover.
### Testing procedure
The 'tests-nanocoap' unit tests include a new test, test_nanocoap__option_add_buffer_max(), which completely fills the buffer used to write a request. Run 'tests-nanocoap' both without and with assertions enabled (compile with FORCE_ASSERTS=1). Both runs should pass.
Next, manually reduce the size of the buffer in the new test from 70 to 69 and rerun the tests. Without asserts, on native the test fails abruptly when the buffer overflows ("stack smashing detected"). With asserts enabled, the relevant assert in _add_opt_pkt() is tripped.
### Issues/PRs references
-- Commit Summary --
* net/nanocoap: document function that writes option header
* net/nanocoap: validate option length before write
* tests/nanocoap: build request that fills buffer
-- File Changes --
M sys/net/application_layer/nanocoap/nanocoap.c (40)
M tests/unittests/tests-nanocoap/tests-nanocoap.c (24)
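The check described in this PR, sketched as an added example (not RIOT's nanocoap code): the option's full encoded size under RFC 7252 section 3.1 is computed and compared with the remaining buffer space before any byte is written, and the function returns -1 rather than asserting. The names `ext_len`, `put_ext` and `opt_put_checked` and their signatures are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Extension bytes a delta or length value needs beyond its 4-bit nibble. */
static size_t ext_len(uint16_t v)
{
    return (v < 13) ? 0 : (v < 269) ? 1 : 2;
}

/* Write the extension bytes for v at *p and return the nibble to store. */
static uint8_t put_ext(uint8_t **p, uint16_t v)
{
    if (v < 13) {
        return (uint8_t)v;
    }
    if (v < 269) {
        *(*p)++ = (uint8_t)(v - 13);
        return 13;
    }
    *(*p)++ = (uint8_t)((v - 269) >> 8);
    *(*p)++ = (uint8_t)((v - 269) & 0xff);
    return 14;
}

/* Hypothetical helper: append one option at buf if it fits in `remaining`
 * bytes. Returns bytes written, or -1 with buf untouched if it does not. */
int opt_put_checked(uint8_t *buf, size_t remaining, uint16_t delta,
                    const uint8_t *val, uint16_t val_len)
{
    size_t need = 1 + ext_len(delta) + ext_len(val_len) + val_len;
    if (need > remaining) {
        return -1;              /* size check happens before any write */
    }
    uint8_t *p = buf + 1;
    uint8_t dn = put_ext(&p, delta);
    uint8_t ln = put_ext(&p, val_len);
    buf[0] = (uint8_t)((dn << 4) | ln);
    if (val_len) {
        memcpy(p, val, val_len);
    }
    return (int)need;
}

int main(void)
{
    uint8_t buf[5];  /* constructed: exactly fits Uri-Path (delta 11) "temp" */
    return opt_put_checked(buf, sizeof(buf), 11, (const uint8_t *)"temp", 4) == 5 ? 0 : 1;
}
```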