SDK-3.7.0: Bug in wiced_https_get implementation

Ask the Community
Close
Ask the Community
nav search Icon
Forums gray-arrow gray-arrow
Resources gray-arrow gray-arrow
About gray-arrow gray-arrow
Groups gray-arrow gray-arrow
nav-user Account

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

SDK-3.7.0: Bug in wiced_https_get implementation

AxLi_1746341
Level 7
Level 7
10 comments on KBA 5 comments on KBA First comment on KBA
‎Jul 14, 2016 07:51 PM
‎Jul 14, 2016 07:51 PM
Jump to solution

Testing a static variable certificate_loaded is simply wrong.

If create 2 threads to connect server with different URL paths,

the fist thread test certificate_loaded and init tls identity, the second

thread will NOT init tls identity.

In additional, use strlen( dct_security->private_key ) and strlen( dct_security->certificate ) are also buggy.

How do you make sure the private_key and certificate read from DCT is NULL terminated?

Think about the case write a longer cert/key to DCT then override it with a shorter cert/key.

Then you got wrong length by strlen().

Labels
0 Likes
Subscribe
1 Solution

Re: SDK-3.7.0: Bug in wiced_https_get implementation

Anonymous
Not applicable
‎Jul 28, 2016 10:43 PM
‎Jul 28, 2016 10:43 PM
Jump to solution

Hi axel.lin,

To load certificate and private key those changes were added without changing API. But yes I agree with your point in case of multiple

threads.

I suggest you to use new http library which handles both the cases you mentioned. Please use snip/httpbin_org application to make use

of new http library.

Thanks,

Vikas

View solution in original post

2 Replies