review.tizen.org Git - platform/upstream/iotivity.git/commit

author	Hauke Mehrtens <hauke.mehrtens@intel.com>
	Wed, 22 Jun 2016 09:41:43 +0000 (11:41 +0200)
committer	Randeep Singh <randeep.s@samsung.com>
	Wed, 3 Aug 2016 04:22:29 +0000 (04:22 +0000)
commit	87a05a6977ba8c28774b3f0b9cf1eb15a7e6d6ec
tree	e62d4db9ee031124ca9c530e2390f7691c87cdd9	tree \| snapshot
parent	30a24a570e2892e0855ed3aa7ce76d063f03fb00	commit \| diff

Fix memory corruption when reading integers from cbor

When the cbor_value_get_*() function is called with a pointer to some int, it
should have the correct size. When we cast it to something else it is treated
as a pointer to an uint64_t in the function for example and them 64 bits gets
written to memory even with the real type is only 32 bit long. When the real
type is only 32 bit long some other memory gets overwritten. On Big endian
systems the least significant bits are cut of so in most cases 0 is read.

With this patch a value cast is used and the value is converted to the other size.

This is the same as in commit 0d64c7c95a5c11a9fb5201e729fd8c75da210c80
"security: fix reading of permission attribute from configuration"

Change-Id: If5965491241e25ebf60a22dc45d37d74a33cb02f
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/8925
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>

resource/csdk/security/src/crlresource.c		diff \| blob \| history
resource/csdk/security/src/doxmresource.c		diff \| blob \| history
resource/csdk/security/src/dpairingresource.c		diff \| blob \| history
resource/csdk/security/src/pconfresource.c		diff \| blob \| history
resource/csdk/security/src/pstatresource.c		diff \| blob \| history
resource/csdk/security/src/svcresource.c		diff \| blob \| history
resource/csdk/stack/src/ocpayloadparse.c		diff \| blob \| history