netutils/libcoap : patch for parsing of COAP_UDP options

This commit is patch for parsing of COAP_UDP options
 - coap_option_interator_init2 doesn't have COAP_UDP case
   it causes un-expected memory access
 - coap_add_option2 doesn't have COAP_UDP case,
   it causes failed to adding option field on PDU

Change-Id: I6982d3e2c71d01a8cea4a6b7c83a199f0a1ac506
Signed-off-by: Jin-Seong Kim <jseong82.kim@samsung.com>

diff --git a/apps/netutils/libcoap/net.c b/apps/netutils/libcoap/net.c
index 171ee65..01e083c 100644 (file)
--- a/apps/netutils/libcoap/net.c
+++ b/apps/netutils/libcoap/net.c
@@ -974,13 +974,26 @@ int coap_read(coap_context_t *ctx)
                goto error_early;
        }
 
-#ifndef WITH_TCP
-       /* TCP header can be smaller than coap_hdr_t */
-       if ((size_t) bytes_read < sizeof(coap_hdr_t)) {
-               debug("coap_read: discarded invalid frame\n");
-               goto error_early;
+       switch (ctx->protocol) {
+       case COAP_PROTO_UDP:
+       case COAP_PROTO_DTLS:
+               /* the size of CoAP over UDP header is 4 Bytes */
+               if ((size_t)bytes_read < COAP_UDP_HEADER) {
+                       warn("coap_read : discarded invalid UDP frame\n");
+                       goto error_early;
+               }
+               break;
+       case COAP_PROTO_TCP:
+       case COAP_PROTO_TLS:
+               /* the size of CoAP over TCP header is 2 Bytes */
+               if ((size_t)bytes_read < COAP_TCP_HEADER_NO_FIELD) {
+                       warn("coap_read : discarded invalid TCP frame\n");
+                       goto error_early;
+               }
+               break;
+       default:
+               break;
        }
-#endif
 
        /* TCP doesn't have version field in PDU */
        if ((ctx->protocol == COAP_PROTO_UDP || ctx->protocol == COAP_PROTO_DTLS)

diff --git a/apps/netutils/libcoap/option.c b/apps/netutils/libcoap/option.c
index 0a80746..3249308 100644 (file)
--- a/apps/netutils/libcoap/option.c
+++ b/apps/netutils/libcoap/option.c
@@ -139,6 +139,10 @@ coap_opt_iterator_t *coap_option_iterator_init2(coap_pdu_t *pdu, coap_opt_iterat
        unsigned int headerSize;
 
        switch (transport) {
+       case COAP_UDP:
+               token_length = (pdu->transport_hdr->udp.token_length);
+               headerSize = COAP_UDP_HEADER;
+               break;
 #ifdef WITH_TCP
        case COAP_TCP:
                token_length = (pdu->transport_hdr->tcp.header_data[0]) & 0x0f;
@@ -180,7 +184,11 @@ coap_opt_iterator_t *coap_option_iterator_init2(coap_pdu_t *pdu, coap_opt_iterat
        }
 #endif
 
-       assert((headerSize + token_length) <= pdu->length);
+       if ((headerSize + token_length) > pdu->length) {
+               //assert((headerSize + token_length) <= pdu->length);
+               printf("coap_option_iterator_init2 : invalid length of pdu, headerSize %d token_length %d pdu->length %d\n", headerSize, token_length, pdu->length);
+               return NULL;
+       }
 
        oi->length = pdu->length - (headerSize + token_length);
 

diff --git a/apps/netutils/libcoap/pdu.c b/apps/netutils/libcoap/pdu.c
index cbe4401..7be9b10 100644 (file)
--- a/apps/netutils/libcoap/pdu.c
+++ b/apps/netutils/libcoap/pdu.c
@@ -638,6 +638,9 @@ size_t coap_add_option2(coap_pdu_t *pdu, unsigned short type, unsigned int len,
        }
 
        switch (transport) {
+       case COAP_UDP:
+               opt = (unsigned char *)&(pdu->transport_hdr->udp) + pdu->length;
+               break;
 #ifdef WITH_TCP
        case COAP_TCP:
                opt = (unsigned char *)&(pdu->transport_hdr->tcp) + pdu->length;