mirror/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2026-02-18 15:35:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

[api] Guard varint parsing against overlong encodings (#13870)

Browse Source
This commit is contained in:
J. Nick Koston
2026-02-09 03:45:40 -06:00
committed by GitHub
parent 422f413680
commit bed01da345
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
esphome/components/api/proto.h
View File

@@ -112,8 +112,12 @@ class ProtoVarInt {
uint64_t result = buffer[0] & 0x7F;
uint8_t bitpos = 7;
// A 64-bit varint is at most 10 bytes (ceil(64/7)). Reject overlong encodings
// to avoid undefined behavior from shifting uint64_t by >= 64 bits.
uint32_t max_len = std::min(len, uint32_t(10));
// Start from the second byte since we've already processed the first
for (uint32_t i = 1; i < len; i++) {
for (uint32_t i = 1; i < max_len; i++) {
uint8_t val = buffer[i];
result |= uint64_t(val & 0x7F) << uint64_t(bitpos);
bitpos += 7;