mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-12-27 15:31:17 +01:00
bors[bot] 72a0f1972d
Merge #18746 #19161
18746: sys/clif: Fixing out of bounds read under certain conditions r=maribu a=Teufelchen1

Hi 😈

This fixes a potential out-of-bounds read in `clif_encode_link`. There is no code in RIOT that can be exploited.
The fix does not break the current API but alters the behaviour slightly. Before the change, the length attributes of `clif_attr_t` were optional. If missing, the length was deduced using `strlen()`. This fix makes those parameters required, and if they are `0` it operates as if the length really is `0`. This might not be ideal, but it is the only non-API-breaking fix I could think of.
```c
typedef struct {
    char *value;
    unsigned value_len;     /* NO LONGER OPTIONAL */
    const char *key;
    unsigned key_len;       /* NO LONGER OPTIONAL */
} clif_attr_t;
```
Depends on #18744

cc `@leandrolanzieri` 

19161: bors.yaml: re-activate labels check + add block_labels r=miri64 a=miri64



Co-authored-by: Teufelchen1 <bennet.blischke@haw-hamburg.de>
Co-authored-by: Martine Lenders <m.lenders@fu-berlin.de>
2023-02-23 16:39:44 +00:00