Fix out of bounds access

httpURI may not be NUL-terminated.
apple · Sep 18, 2020 · 6ca3c54 · 6ca3c54
1 parent 45ea458
commit 6ca3c54
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/HAP/HAPIPAccessoryServer.c b/HAP/HAPIPAccessoryServer.c
@@ -2842,11 +2842,7 @@ static void handle_http_request(HAPIPSessionDescriptor* session) {
                 }
             }
         } else {
-            HAPLogBuffer(
-                    &logObject,
-                    session->httpURI.bytes,
-                    HAPStringGetNumBytes(HAPNonnull(session->httpURI.bytes)),
-                    "Unknown endpoint accessed.");
+            HAPLogBuffer(&logObject, session->httpURI.bytes, session->httpURI.numBytes, "Unknown endpoint accessed.");
             if (session->securitySession.isSecured || kHAPIPAccessoryServer_SessionSecurityDisabled) {
                 if (!HAPSessionIsTransient(&session->securitySession._.hap)) {
                     write_msg(&session->outboundBuffer, kHAPIPAccessoryServerResponse_ResourceNotFound);