From bd20b8da369f4cef1f239607b788efd95f2f8703 Mon Sep 17 00:00:00 2001
From: XANTRONIX Development
Date: Mon, 21 Sep 2020 22:46:42 -0500
Subject: [PATCH] Ensure to pack string length in 'z' template

Ensure to pack string length in 'z' template to skipstone_message_pack()
---
 examples/pack.c | 6 ++++--
 include/skipstone/message.h | 1 +
 src/message.c | 9 ++++++++-
 3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/examples/pack.c b/examples/pack.c
index 8be2349..5144eae 100644
--- a/examples/pack.c
+++ b/examples/pack.c
@@ -13,11 +13,13 @@ int main(int argc, char **argv) {
 if ((len = skipstone_message_pack(buf,
 SKIPSTONE_MESSAGE_MAX_PAYLOAD,
- "CCCC",
+ "CCCCzz",
 1,
 2,
 3,
- 4)) < 0) {
+ 4,
+ "KMFDM",
+ "Nihil")) < 0) {
 fprintf(stderr, "%s: %s: %s\n", argv[0], "skipstone_message_pack()", strerror(errno));
diff --git a/include/skipstone/message.h b/include/skipstone/message.h
index e370c8c..63b56e2 100644
--- a/include/skipstone/message.h
+++ b/include/skipstone/message.h
@@ -8,6 +8,7 @@
 #include
 #define SKIPSTONE_MESSAGE_MAX_PAYLOAD 4096
+#define SKIPSTONE_MESSAGE_MAX_STRLEN 256
 ssize_t skipstone_message_pack(void *message,
 size_t len,
diff --git a/src/message.c b/src/message.c
index 632618a..04a5dbb 100644
--- a/src/message.c
+++ b/src/message.c
@@ -60,10 +60,16 @@ ssize_t skipstone_message_pack(void *message,
 char *value = va_arg(args, char *);
 size_t sz = strlen(value);
- if (len < offset + sz) {
+ if (len < offset + sz + 1) {
 goto done;
+ } else if (sz > SKIPSTONE_MESSAGE_MAX_STRLEN) {
+ errno = EOVERFLOW;
+
+ goto error_toobig;
 }
+ ((uint8_t *)message)[offset++] = (uint8_t)sz;
+
 memcpy((uint8_t *)message + offset, value, sz);
 offset += sz;
@@ -83,6 +89,7 @@ ssize_t skipstone_message_pack(void *message,
 done:
 return offset;
+error_toobig:
 error_invalid_template:
 return -1;
 }
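Review bot: The new size guard in the 'z' case of skipstone_message_pack() (src/message.c, first hunk) is off by one against the one-byte length prefix: `sz > SKIPSTONE_MESSAGE_MAX_STRLEN` with the header's value of 256 lets a 256-byte string through, and `(uint8_t)sz` then stores 0 while memcpy() still copies all 256 bytes. A decoder that trusts the prefix would presumably read an empty string and treat the string's bytes as the following fields, so the limit should be what the prefix can hold, e.g. `#define SKIPSTONE_MESSAGE_MAX_STRLEN 255` in include/skipstone/message.h or `} else if (sz > UINT8_MAX) {` here. The length test also runs only after the space test, so an over-long string that does not fit in the buffer takes `goto done` and returns a short count instead of failing with EOVERFLOW; testing the length first would make that case an error. The enclosing function starts and ends outside this hunk.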