Hi,
In MQX 4.0.1 (possibly later, haven't checked) there is an off by one error in rtcs/source/if/ifdns.c, in the function DNS_insert_slist_entry.
Original code snippit:
(starts at line 254)
if (usr_slist_entry_ptr->NAME_PTR)
{
tmp_str = RTCS_mem_alloc_system( strlen(usr_slist_entry_ptr->NAME_PTR) );
if (tmp_str == NULL)
return RTCSERR_DNS_UNABLE_TO_ALLOCATE_MEMORY;
strcpy(tmp_str, usr_slist_entry_ptr->NAME_PTR);
}
The problem is strlen gives the length of the string NOT INCLUDING THE NULL TERMINATION, where as strcpy copies including the null termination.
My fix:
if (usr_slist_entry_ptr->NAME_PTR)
{
tmp_str = RTCS_mem_alloc_system( strlen(usr_slist_entry_ptr->NAME_PTR) + 1 );
if (tmp_str == NULL)
return RTCSERR_DNS_UNABLE_TO_ALLOCATE_MEMORY;
strcpy(tmp_str, usr_slist_entry_ptr->NAME_PTR);
}
It's a simple fix, and for the most part it wont cause any problem, unless the string length happens to fit in the allocation block perfectly, then the first byte of the next blocks header will be zeroed, with unpredictable results.
The DNS system has been re-written for MQX 4.2, Next MQX release won't have that source files at all. Thank you
Hi
Thank you for reporting this, I will forward your post to software team.
Have a great day,
Daniel
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------