projects / platform / upstream / iotivity.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
RPK: add length check
[platform/upstream/iotivity.git] / resource / csdk / security / provisioning / src / oxmrawpublickey.c
diff --git a/resource/csdk/security/provisioning/src/oxmrawpublickey.c b/resource/csdk/security/provisioning/src/oxmrawpublickey.c
index a1a62dd..62a3be3 100644 (file)
--- a/resource/csdk/security/provisioning/src/oxmrawpublickey.c
+++ b/resource/csdk/security/provisioning/src/oxmrawpublickey.c
@@ -110,9 +110,15 @@ OCStackResult GetMasterRPK(char* master, size_t* master_len)
         return OC_STACK_INVALID_PARAM;
     }
 
+    OIC_LOG(DEBUG, TAG, "Invoking gGetRPKMasterKeyCallback");
     if(gGetRPKMasterKeyCallback)
     {
         gGetRPKMasterKeyCallback(g_RPKOxmData.rpkData, &g_RPKOxmData.rpkSize);
+        if (g_RPKOxmData.rpkSize > OXM_RPK_MASTER_KEY_MAX_SIZE)
+        {
+            OIC_LOG(ERROR, TAG, "Buffer overflow: RPK master key must not exceed OXM_RPK_MASTER_KEY_MAX_SIZE");
+            return OC_STACK_ERROR;
+        }
     }
     else
     {
Domain: Network & Connectivity / IoT Connectivity;