security: Fix logging crash due to end of strings

Fix logging crash due to reading past end of non-null terminated strings

Change-Id: I596c7cf7889017e46aefff9d68f08955a399e942
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19595
Reviewed-by: Kevin Kane <kkane@microsoft.com>
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Reviewed-by: Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
(cherry picked from commit 4266b7ecccce97d14e9e9cafb1e5cc86a8352e4f)
Reviewed-on: https://gerrit.iotivity.org/gerrit/21131
Reviewed-by: Phil Coval <philippe.coval@osg.samsung.com>

diff --git a/resource/csdk/security/src/crlresource.c b/resource/csdk/security/src/crlresource.c
index fbb3032..eb93ea3 100644 (file)
--- a/resource/csdk/security/src/crlresource.c
+++ b/resource/csdk/security/src/crlresource.c
@@ -605,12 +605,12 @@ static OicSecCrl_t *GetCrlDefault()
     defaultCrl->CrlData.encoding = OIC_ENCODING_DER;
 
     bool result1 = copyByteArray((const uint8_t *)CRL_DEFAULT_CRL_DATA,
-                                 strlen(CRL_DEFAULT_CRL_DATA),
+                                 sizeof(CRL_DEFAULT_CRL_DATA),
                                  &defaultCrl->CrlData.data,
                                  &defaultCrl->CrlData.len);
 
     bool result2 = copyByteArray((const uint8_t *)CRL_DEFAULT_THIS_UPDATE,
-                                 strlen(CRL_DEFAULT_THIS_UPDATE),
+                                 sizeof(CRL_DEFAULT_THIS_UPDATE),
                                  &defaultCrl->ThisUpdate.data,
                                  &defaultCrl->ThisUpdate.len);