Add Testing Validation and Fixes for wolfMQTT#480
Merged
dgarske merged 23 commits intowolfSSL:masterfrom Apr 10, 2026
Merged
Conversation
…r hmtBcprefix wildcard guard [MQTT-4.7.2]
…r PUBLISH topic wildcard rejection [MQTT-3.3.2-2]
…MqttDecode_Vbi 4-byte boundary values
…MqttEncode_Publish packet_id==0 QoS check
…MqttDecode_ConnectAck remain_len boundary
…heck to MqttEncode_Subscribe
…check to MqttEncode_Unsubscribe
…p encoder omitting reason_code with SUCCESS+properties
…ch parent match for x/# vs x [MQTT-4.7.1.2]
…te returning success after failed WebSocket write
… CONNECT to clear plaintext credentials
…when credentials sent without TLS
…laintext listener active with auth credentials
…MqttEncode_Connect password-without-username check
…QoS 2 next-ack packet_type+1 arithmetic
…idation to MqttDecode_SubscribeAck
…idation to MqttDecode_PublishResp
…idation to MqttDecode_UnsubscribeAck
…riable Byte Integer encodings [MQTT-1.5.5-1]
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
- Fix unit test SIGSEGV on macOS: call MqttProps_Init/ShutDown for v5
static property pool semaphore initialization
- Use xfer instead of client->write.len for tx_buf clearing (write.len
is zeroed by MqttWriteStop before the XMEMSET)
- Free decoded v5 props in roundtrip test to prevent pool exhaustion
- Remove unused T24_PLUS_RC/T24_HASH_RC variables in broker.test
- Change TLS credential warning guard from WOLFMQTT_DEBUG_CLIENT to
DEBUG_WOLFMQTT for broader coverage
aidangarske
requested review from
Copilot and
dgarske
and removed request for
Copilot
dgarske
reviewed
Apr 9, 2026
Contributor
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
🐺 Skoll Code Review
Overall recommendation: APPROVE
Findings: 4 total — 4 posted, 0 skipped
Posted findings
- [Medium] Credential clearing uses plain memset instead of secure zeroization —
src/mqtt_client.c:1733 - [Low] Credential clearing is skipped during NONBLOCK partial writes —
src/mqtt_client.c:1719-1727 - [Low] Overlong VBI check may reject packets from non-compliant implementations —
src/mqtt_packet.c:247-250 - [Info] Unit test passes NULL connect_ack to test malformed CONNACK —
tests/unit_test.c:232-242
Review generated by Skoll via openclaw
dgarske
previously approved these changes
Apr 9, 2026
dgarske
approved these changes
Apr 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
F-2341, F-2342, F-2339, F-2340, F-2344, F-2351, F-2352, F-2357, F-2022, F-2023, F-2323, F-2324, F-2325, F-2343, F-2345, F-2346, F-2347, F-2353, F-2354, F-2358