[693] Fix handling of null bytes in received strings.

Thanks to Umberto Boscolo. Bug: #693
eclipse · Feb 13, 2018 · c001e77 · c001e77
1 parent 1b70253
commit c001e77
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 11 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -44,6 +44,7 @@ Broker:
 - IPv6 is no longer disabled for websockets listeners.
 - Remove all build timestamp information including $SYS/broker/timestamp.
  Close #651.
+- Correctly handle incoming strings that contain a NULL byte. Closes #693.
 
 Client library:
 - Outgoing messages with QoS>1 are no longer retried after a timeout period.

diff --git a/lib/utf8_mosq.c b/lib/utf8_mosq.c
@@ -26,7 +26,7 @@ int mosquitto_validate_utf8(const char *str, int len)
  const unsigned char *ustr = (const unsigned char *)str;
 
  if(!str) return MOSQ_ERR_INVAL;
- if(len < 1 || len > 65536) return MOSQ_ERR_INVAL;
+ if(len < 0 || len > 65536) return MOSQ_ERR_INVAL;
 
  for(i=0; i<len; i++){
  if(ustr[i] == 0){

diff --git a/src/handle_connect.c b/src/handle_connect.c
@@ -37,7 +37,7 @@ and the Eclipse Distribution License is available at
 # include <libwebsockets.h>
 #endif
 
-static char *client_id_gen(struct mosquitto_db *db)
+static char *client_id_gen(struct mosquitto_db *db, int *idlen)
 {
  char *client_id;
 #ifdef WITH_UUID
@@ -47,23 +47,24 @@ static char *client_id_gen(struct mosquitto_db *db)
 #endif
 
 #ifdef WITH_UUID
- client_id = (char *)mosquitto__calloc(37 + db->config->auto_id_prefix_len, sizeof(char));
+ *idlen = 36 + db->config->auto_id_prefix_len;
+#else
+ *idlen = 64 + db->config->auto_id_prefix_len;
+#endif
+
+ client_id = (char *)mosquitto__calloc((*idlen) + 1, sizeof(char));
  if(!client_id){
  return NULL;
  }
  if(db->config->auto_id_prefix){
  memcpy(client_id, db->config->auto_id_prefix, db->config->auto_id_prefix_len);
  }
+
+
+#ifdef WITH_UUID
  uuid_generate_random(uuid);
  uuid_unparse_lower(uuid, &client_id[db->config->auto_id_prefix_len]);
 #else
- client_id = (char *)mosquitto__calloc(65 + db->config->auto_id_prefix_len, sizeof(char));
- if(!client_id){
- return NULL;
- }
- if(db->config->auto_id_prefix){
- memcpy(client_id, db->config->auto_id_prefix, db->config->auto_id_prefix_len);
- }
  for(i=0; i<64; i++){
  client_id[i+db->config->auto_id_prefix_len] = (rand()%73)+48;
  }
@@ -240,7 +241,7 @@ int handle__connect(struct mosquitto_db *db, struct mosquitto *context)
  rc = MOSQ_ERR_PROTOCOL;
  goto handle_connect_error;
  }else{
- client_id = client_id_gen(db);
+ client_id = client_id_gen(db, &slen);
  if(!client_id){
  rc = MOSQ_ERR_NOMEM;
  goto handle_connect_error;