Skip to content

Commit

Permalink
fixup! fix bug when coap response has big payload
Browse files Browse the repository at this point in the history
_read in sock_dtls callback uses memcpy to copy decrypted message
from (uint8_t *) data to sock->buf. The memory areas overlaps when
the payload is large (>21 bytes).

This fix uses memmove instead of memcpy which is safe for overlapping
memory areas.
  • Loading branch information
kb2ma committed May 7, 2019
1 parent f26447c commit acc8fc1
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion pkg/tinydtls/contrib/sock_dtls.c
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,8 @@ static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
msg.content.value = -ENOBUFS;
}
else {
memcpy(sock->buf, buf, len);
/* memmove instead of memcpy because memory may overlap */
memmove(sock->buf, buf, len);
msg.content.value = len;
}
mbox_put(&sock->mbox, &msg);
Expand Down

0 comments on commit acc8fc1

Please sign in to comment.