You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The C client's readPacket reads the message size from the incoming packet and then reads that much data into the read buffer (c->readbuf) with no regard for the read buffer's size (c->readbuf_size). This means that messages larger than the read buffer's size will always cause a buffer overflow.
We're using FreeRTOS, with a read buffer that's allocated on the stack of the task that's handling Mqtt. When this buffer overflow occurs it smashes our stack (including the MQTTClient) and leads to anomalous behaviour.
The text was updated successfully, but these errors were encountered:
I've added a fix for this in readPacket which I believe does most of the job. If the read buffer is very small (less than the header + length of remaining length, between 0 and 5) then that could still be a problem, but buffers of that size are not very useful anyway.
Hi Teams,
I'm using paho mqtt client with NUCLEO STM32 board,
I fixed the KeepAlive Interval to 30 min (1800s) and yield(100), but, after 9 hours the client has disconnected.
The C client's
readPacket
reads the message size from the incoming packet and then reads that much data into the read buffer (c->readbuf
) with no regard for the read buffer's size (c->readbuf_size
). This means that messages larger than the read buffer's size will always cause a buffer overflow.We're using FreeRTOS, with a read buffer that's allocated on the stack of the task that's handling Mqtt. When this buffer overflow occurs it smashes our stack (including the
MQTTClient
) and leads to anomalous behaviour.The text was updated successfully, but these errors were encountered: