Skip to content

The NB socket buffer is too short for NB1500 http, causing overwrite and crash #61

New issue
New issue
Open
Open
The NB socket buffer is too short for NB1500 http, causing overwrite and crash#61
Labels
type: imperfectionPerceived defect in any part of project
@helgerustad

Description

@helgerustad
helgerustad
opened on Dec 2, 2020

I use an NB1500 and sends a http request to fetch a web page. The response is larger than 512 byte. This causes a SW crash. The bug has been identified in NBSocketBuffer.cpp;

  • In NBSocketBuffer.cpp a 512 byte read buffer is allocated: <malloc(NB_SOCKET_BUFFER_SIZE)>.
  • The a read of 512 byte is requested: <MODEM.sendf("AT+USORD=%d,%d", socket, NB_SOCKET_BUFFER_SIZE);>.
  • The library has previously set HEX mode with <AT+UDCONF=1,1>.
  • The modem returns two characters per byte - up to 1024 bytes. The library does not check the length causing overrun and SW crash,

Changing the USORD command line to <MODEM.sendf("AT+USORD=%d,%d", socket, NB_SOCKET_BUFFER_SIZE/2);> is one way to correct the error.

Metadata

Metadata

Assignees

No one assigned

    Labels

    type: imperfectionPerceived defect in any part of project

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions