to check max token length by coap spec

token lengths 9~15 are reserved.
it must be preocessed as a message format error.

Change-Id: I84b2e51b7364fef4e4dae0d60b1b5010fd059ad2
Signed-off-by: jihwan.seo <jihwan.seo@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/2235
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Jon A. Cruz <jonc@osg.samsung.com>

diff --git a/resource/csdk/connectivity/src/caprotocolmessage.c b/resource/csdk/connectivity/src/caprotocolmessage.c
index 1b6834f..8435bdd 100644 (file)
--- a/resource/csdk/connectivity/src/caprotocolmessage.c
+++ b/resource/csdk/connectivity/src/caprotocolmessage.c
@@ -240,6 +240,14 @@ coap_pdu_t *CAParsePDU(const char *data, uint32_t length, uint32_t *outCode)
         return NULL;
     }
 
+    if (outpdu->hdr->token_length > CA_MAX_TOKEN_LEN)
+    {
+        OIC_LOG_V(ERROR, TAG, "token length has been exceed : %d",
+                  outpdu->hdr->token_length);
+        coap_delete_pdu(outpdu);
+        return NULL;
+    }
+
     if (outCode)
     {
         (*outCode) = (uint32_t) CA_RESPONSE_CODE(outpdu->hdr->code);