From: jihwan.seo Date: Fri, 16 Dec 2016 04:29:24 +0000 (+0900) Subject: add checking logic of pdu data length. X-Git-Tag: 1.3.0~1010 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=26135d7d4954f863495f3b088412df1ce9e869a8;p=platform%2Fupstream%2Fiotivity.git add checking logic of pdu data length. unneccessary parsing logic is running when received data is wrong. it should be prevented. Change-Id: Ic36359ae96f0aaa7321a1f1e8ed2d5d086ba1198 Signed-off-by: jihwan.seo Reviewed-on: https://gerrit.iotivity.org/gerrit/15743 Tested-by: jenkins-iotivity Reviewed-by: Ashok Babu Channa --- diff --git a/resource/csdk/connectivity/src/camessagehandler.c b/resource/csdk/connectivity/src/camessagehandler.c index 18cb16f..c10a5aa 100644 --- a/resource/csdk/connectivity/src/camessagehandler.c +++ b/resource/csdk/connectivity/src/camessagehandler.c @@ -737,6 +737,12 @@ static void CAReceivedPacketCallback(const CASecureEndpoint_t *sep, VERIFY_NON_NULL_VOID(sep, TAG, "remoteEndpoint"); VERIFY_NON_NULL_VOID(data, TAG, "data"); + if (0 == dataLen) + { + OIC_LOG(ERROR, TAG, "dataLen is zero"); + return; + } + uint32_t code = CA_NOT_FOUND; CAData_t *cadata = NULL; @@ -1249,11 +1255,16 @@ void CAErrorHandler(const CAEndpoint_t *endpoint, CAResult_t result) { OIC_LOG(DEBUG, TAG, "CAErrorHandler IN"); - -#ifndef SINGLE_THREAD VERIFY_NON_NULL_VOID(endpoint, TAG, "remoteEndpoint"); VERIFY_NON_NULL_VOID(data, TAG, "data"); + if (0 == dataLen) + { + OIC_LOG(ERROR, TAG, "dataLen is zero"); + return; + } + +#ifndef SINGLE_THREAD uint32_t code = CA_NOT_FOUND; //Do not free remoteEndpoint and data. Currently they will be freed in data thread //Get PDU data @@ -1276,6 +1287,8 @@ void CAErrorHandler(const CAEndpoint_t *endpoint, CAQueueingThreadAddData(&g_receiveThread, cadata, sizeof(CAData_t)); coap_delete_pdu(pdu); +#else + (void)result; #endif OIC_LOG(DEBUG, TAG, "CAErrorHandler OUT");