Adafruit_MQTT_Library icon indicating copy to clipboard operation
Adafruit_MQTT_Library copied to clipboard

Published 20 hours ago verified publisher icon adafruit

Buffer overflow on connect if len(password)+len(user) > MAXBUFFERSIZE (150)

Open cirvladimir opened this issue 7 years ago • 1 comments

Adafruit_MQTT declares uint8_t Adafruit_MQTT::buffer[MAXBUFFERSIZE] Adafruit_MQTT::connect calls connectPacket(buffer) without passing in size of buffer. connectPacket fills in buffer, if password or user name are sufficiently large it will overflow without any checks.

cirvladimir avatar Feb 17 '18 00:02 cirvladimir

Had similar problem. I changed Adafruit_MQTT.h to change MAXBUFFERSIZE from 150 to 1000. That resolved problem. You may wish to use a smaller size.

S2Doc avatar Aug 26 '19 19:08 S2Doc