Merge pull request #7706 from nmeum/coap-integer-overflow

cbor: fix integer overflow in decode_bytes
2017-10-10 16:34:45 +02:00 · 2017-10-10 16:34:45 +02:00 · 56513ea953
commit 56513ea953
parent c585f0f525 8255810bab
1 changed files with 1 additions and 1 deletions
--- a/sys/cbor/cbor.c
+++ b/sys/cbor/cbor.c
@ -400,7 +400,7 @@ static size_t decode_bytes(const cbor_stream_t *s, size_t offset, char *out, siz
        return 0;
    }

-    if (length < bytes_length + 1) {
+    if (bytes_length == SIZE_MAX || length < bytes_length + 1) {
        return 0;
    }