From 89b6fa479e9510db7c0f3f3e9befb1c323e61c47 Mon Sep 17 00:00:00 2001 From: Mikhail Lappo Date: Wed, 22 Mar 2017 21:20:29 +0100 Subject: [PATCH] Possible out of bound exception hdr_buf has size of 4096. Makes sense to assert that we do not exceed this size before copying there --- src/apps/httpd/makefsdata/makefsdata.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/apps/httpd/makefsdata/makefsdata.c b/src/apps/httpd/makefsdata/makefsdata.c index 366b48a3..888c4f06 100644 --- a/src/apps/httpd/makefsdata/makefsdata.c +++ b/src/apps/httpd/makefsdata/makefsdata.c @@ -989,10 +989,10 @@ int file_write_http_header(FILE *data_file, const char *filename, int file_size, /* ATTENTION: headers are done now (double-CRLF has been written!) */ if (precalcChksum) { + LWIP_ASSERT("hdr_len + cur_len <= sizeof(hdr_buf)", hdr_len + cur_len <= sizeof(hdr_buf)); memcpy(&hdr_buf[hdr_len], cur_string, cur_len); hdr_len += cur_len; - LWIP_ASSERT("hdr_len <= 0xffff", hdr_len <= 0xffff); LWIP_ASSERT("strlen(hdr_buf) == hdr_len", strlen(hdr_buf) == hdr_len); acc = ~inet_chksum(hdr_buf, (u16_t)hdr_len); *http_hdr_len = (u16_t)hdr_len;