Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

should check rem_len size in readpacket. #96

Closed
abing1991 opened this issue Jun 21, 2017 · 3 comments
Closed

should check rem_len size in readpacket. #96

abing1991 opened this issue Jun 21, 2017 · 3 comments
Assignees
@icraggs
Labels
bug
Milestone
1.1

Comments

@abing1991
Copy link

abing1991 commented Jun 21, 2017
edited
Loading

in readPacket function, should check rem_len with readbuf_size between step 2 and step 3.
@icraggs icraggs self-assigned this Jul 7, 2017
@icraggs icraggs added the bug label Jul 7, 2017
@icraggs icraggs added this to the 1.1 milestone Jul 7, 2017
@icraggs
Copy link
Collaborator

icraggs commented Jul 7, 2017

I assume we're talking about the MQTTClient-C here as the C++ version already has that in. I'm adding it for 1.1. Thanks.

icraggs pushed a commit that referenced this issue Jul 7, 2017
Fix for issue #96
ca6916f
@icraggs
Copy link
Collaborator

icraggs commented Jul 14, 2017

Done.

@icraggs icraggs closed this as completed Jul 14, 2017
@waynebeaton
Copy link
Member

The issue that ca6916f patches has been identified as a vulnerability by a researcher. I've been asked to assign a CVE.

I've assigned CVE-2021-41036.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@icraggs icraggs

Labels
bug
Projects
None yet
Milestone
1.1
Development

No branches or pull requests
3 participants
@waynebeaton @abing1991 @icraggs