Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MQTTPacket_decode() doesn't present errors when it should #230

Open
begincalendar opened this issue Nov 5, 2021 · 1 comment
Open

MQTTPacket_decode() doesn't present errors when it should #230

begincalendar opened this issue Nov 5, 2021 · 1 comment

Comments

@begincalendar
Copy link

  • Prototype doesn't mention anything about how an error might surface via the API.
  • An error value being set when the length value being parsed is detected to be invalid, is redundant and not surfaced because the scope of the variable it is assigned to does not extend past the loop.
  • Similar story as the previous point (with regard to the error value being lost), except in the case of fetching the next character.
  • Return value is not affected by any of the error checking.
  • Output "length" value is not affected by any of the error checking.

Is MQTTPacket_decode() intentionally implemented this way? If so, why aren't the errors (from parsing untrusted input) bubbled up?
@begincalendar begincalendar changed the title MQTTPacket_decode() doesn't present errors MQTTPacket_decode() doesn't present errors when it should Nov 5, 2021
@sunnyfjk
Copy link

你说的是否是MQTTDeserialize_publish函数执行时,topicName数据长度解析异常导致内存访问报错,我在MQTTDeserialize_publish之后添加了readbuf_size < topicName.lenstring.len 的比较条件暂时规避了错误,但是我对MQTT协议不是很了解不能从根源处解决问题

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@begincalendar @sunnyfjk