authorSushil Yadav <sushil.ky@samsung.com>2017-04-28 16:21:07 +0530
committerUze Choi <uzchoi@samsung.com>2017-05-03 03:03:06 +0000
commit71cbada29e85f8a95f0bce324244e6e8d5b77412 (patch)
tree90c35f5d1367605f4e7308fbfe133f8ca4d39b31 /resource/csdk
parent21115929c226532b3c7399a5fd5a919412667d92 (diff)
Check string length before passing to OICStrDup
Assuming that a remote server will always send a string longer than CA_MSG_ARBITER_DI_URI_LENGTH is wrong. A length check before indexing should fix the issue.

Fixed issue: https://jira.iotivity.org/browse/IOT-2109

Change-Id: I63b2584acfa250569957e369fe0415f824052585
Signed-off-by: Sushil Yadav <sushil.ky@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19437
Reviewed-by: Ashok Babu Channa <ashok.channa@samsung.com>
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Diffstat (limited to 'resource/csdk')
-rw-r--r--resource/csdk/connectivity/util/src/camanager/camessagearbiter.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/resource/csdk/connectivity/util/src/camanager/camessagearbiter.c b/resource/csdk/connectivity/util/src/camanager/camessagearbiter.c
index ff5f53639..59d6733ac 100644
--- a/resource/csdk/connectivity/util/src/camanager/camessagearbiter.c
+++ b/resource/csdk/connectivity/util/src/camanager/camessagearbiter.c
@@ -179,10 +179,18 @@ CAResult_t CAMsgArbiterGetMessageData(CAData_t *data)
}
data->remoteEndpoint->flags = targetInfo->d2dInfo.flags;
- CAURI_t resourceUri = OICStrdup(data->requestInfo->info.resourceUri
- + CA_MSG_ARBITER_DI_URI_LENGTH);
- OICFree(data->requestInfo->info.resourceUri);
- data->requestInfo->info.resourceUri = resourceUri;
+ if (strlen(data->requestInfo->info.resourceUri) > CA_MSG_ARBITER_DI_URI_LENGTH)
+ {
+ CAURI_t resourceUri = OICStrdup(data->requestInfo->info.resourceUri
+ + CA_MSG_ARBITER_DI_URI_LENGTH);
+ OICFree(data->requestInfo->info.resourceUri);
+ data->requestInfo->info.resourceUri = resourceUri;
+ }
+ else
+ {
+ OIC_LOG_V(ERROR, TAG, "device id[%s] received resourceUri[%s] too short!", deviceId,
+ data->requestInfo->info.resourceUri);
+ }
OIC_LOG_V(DEBUG, TAG, "device id[%s] switched to D2D connect", deviceId);
OIC_LOG_V(DEBUG, TAG, "local addr[%s] local port[%d] adapter[%s]",