review.tizen.org Git - platform/upstream/iotivity.git/commit

author	George Nash <george.nash@intel.com>
	Mon, 5 Dec 2016 23:33:17 +0000 (15:33 -0800)
committer	Dan Mihai <Daniel.Mihai@microsoft.com>
	Fri, 9 Dec 2016 16:07:21 +0000 (16:07 +0000)
commit	8b15d3e1918f8071645e7a59cb277f93dd81cb5d
tree	46c480c731dfe0aae463a8cde78b2244f885c1eb	tree \| snapshot
parent	a293f2dee13a492799118cc84b30adca70205ba9	commit \| diff

Prevent out-of-bounds memory access

prevent the snprintf function from accessing outside the
queryParam char array.

If the resulting uri exceeds the max uri length indicate the
failure by returning OC_STACK_INVALID_URI from the function.

Found using static analysis tool.

Change-Id: I81ee4cc932c70942ff65dcf8390529279e36dc4a
Signed-off-by: George Nash <george.nash@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/15173
Reviewed-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>

resource/csdk/resource-directory/include/rd_client.h		diff \| blob \| history
resource/csdk/resource-directory/src/rd_client.c		diff \| blob \| history