gozfree / gear-lib

Gear-Lib, C library for IOT Embedded Multimedia and Network
MIT License

libhomekit: when function tlv_parse parses TLV in HTTP body, an infinite loop occurs. #70

Open haoshanxu opened 2 years ago

haoshanxu commented 2 years ago
[Screenshot 2022-04-21 1:00:14 PM]

If buffer[1] or the "L" of the TLV is 0, the while loop will not end. An attacker can construct a malicious packet, which will cause the device to crash.
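A bounds-checked walker for the 1-byte type / 1-byte length layout the report refers to (length at `buffer[1]`), added here as an illustration and not taken from the issue or from gear-lib's code. The names `tlv_walk` and `tlv_item_cb` and the sample buffers are hypothetical; the point is that the offset always advances past the 2-byte header, so a zero-length item cannot stall the loop, and a length that runs past the buffer is rejected.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical callback: called once per item; value may be empty (len == 0). */
typedef void (*tlv_item_cb)(uint8_t type, const uint8_t *value, uint8_t len, void *ctx);

/*
 * Walk a buffer of type(1) / length(1) / value(length) records.
 * Returns the number of items parsed, or -1 if the buffer is truncated.
 */
int tlv_walk(const uint8_t *buf, size_t size, tlv_item_cb cb, void *ctx)
{
    size_t off = 0;
    int count = 0;

    while (off < size) {
        if (size - off < 2)
            return -1;            /* header itself is cut short */
        uint8_t type = buf[off];
        uint8_t len  = buf[off + 1];
        off += 2;                 /* header consumed: progress even when len == 0 */
        if (len > size - off)
            return -1;            /* declared length runs past the buffer */
        if (cb)
            cb(type, buf + off, len, ctx);
        off += len;
        count++;
    }
    return count;
}

/* Constructed sample inputs (not captured traffic). */
static const uint8_t sample_zero_len[]  = { 0x06, 0x00, 0x01, 0x02, 0xAA, 0xBB };
static const uint8_t sample_truncated[] = { 0x06, 0x01, 0x03, 0x01, 0x05 };

static void print_item(uint8_t type, const uint8_t *value, uint8_t len, void *ctx)
{
    (void)value; (void)ctx;
    printf("type=0x%02x len=%u\n", (unsigned)type, (unsigned)len);
}

int main(void)
{
    printf("zero-length item: %d items\n",
           tlv_walk(sample_zero_len, sizeof sample_zero_len, print_item, NULL));
    printf("truncated buffer: %d\n",
           tlv_walk(sample_truncated, sizeof sample_truncated, print_item, NULL));
    return 0;
}
```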