search

obgm / libcoap

A CoAP (RFC 7252) implementation in C
Other
791 stars 423 forks source link

Memory allocation failue check #1507

Open pawszw2 opened 2 weeks ago

pawszw2 commented 2 weeks ago

Environment

libcoap Configuration Summary

Irrelevant

Problem Description

Hi! When I was using libcoap with OSCORE, I run into a problem of unsuccessful encryption (server returned 4.01 Unauthorized). After some investigation I've found out that it was due to failed coap_malloc_type() and result of allocation not being checked against NULL. I think that NULL checks should be introduced after each coap_malloc_type() invocation.

Expected Behavior

Error log with information, that memory allocation failed, and 5.xx (probably 5.00) error code returned.

Actual Behavior

No information about failed allocation and wrong error code (4.01 suggesting an error on client's side).

Steps to reproduce

NULLchecks after allocation are missing in many places, so it requires many scenarios.

I also don't know if server returns 5.00 after memory allocation in places we check it.

Code to reproduce this issue

Debug Logs

Other items if possible

mrdeep1 commented 2 weeks ago

Thanks for raising this. It would be good to know which coap_malloc_type() failed for you (file and line no). In the OSCORE specific code, NULL returns are checked for (otherwise you will be seeing memory access errors), but they may be taking wrong decisions.