jeans/Tasmota
jeans/Tasmota
1
0
Fork 0
mirror of https://github.com/arendst/Tasmota.git synced 2025-07-29 13:46:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow

Browse Source 
Fix buffer overflow (#5310)
This commit is contained in:
Theo Arends 2019-02-25 21:23:18 +01:00
parent 9f00978a79
commit 9a670be95b
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sonoff/xdrv_04_light.ino
View File

@ -1252,7 +1252,11 @@ bool LightColorEntry(char *buffer, uint8_t buffer_length)
entry_type = 2; // Decimal
}
else if (((2 * light_subtype) == buffer_length) || (buffer_length > 3)) { // Hexadecimal entry
for (uint8_t i = 0; i < buffer_length / 2; i++) {
uint8_t limit = buffer_length / 2;
if (limit > sizeof(light_entry_color)) { // Fix buffer overflow due to too many parameters
limit = sizeof(light_entry_color);
}
for (uint8_t i = 0; i < limit; i++) {
strlcpy(scolor, buffer + (i *2), 3);
light_entry_color[i] = (uint8_t)strtol(scolor, &p, 16);
}