search

eclipse / paho.mqtt-sn.embedded-c

Paho C MQTT-SN gateway and libraries for embedded systems. Paho is an Eclipse IoT project.
https://eclipse.org/paho
Other
315 stars 178 forks source link

CONNECT primitive with empty ClientId #86

Closed sjwalke closed 6 years ago

sjwalke commented 6 years ago

A misbehaving client that sends CONNECT towards the GW with a zero-length ClientId field will crash the gateway.

Function MQTTSNDeserialize_connect() does not validate against the error condition:

(data->clientID.lenstring.data == NULL)

and hence a null string is deferenced later in the receive task (most likely by the logging functions)

ty4tw commented 6 years ago

Thank you for your report. I changed to that the gateway sets a null client ID when the clientID of CONNECT is null.