1 Reply Latest reply on Aug 13, 2020 6:19 AM by RaktimR_11

    BUG in AWS/aws_mqtt.c when receiving a long message




      There's a bug in aws_mqtt.c (WICED 6.4) when receiving a long messages on a subscribed topic (e.g. AWS CreateKeysAndCertificate provisioning message response)

      In such case the message is broken into chunks that are being transferred on several calls to mqtt_connection_event_cb(...).


      The topic is carried in the first chunk and need to be stored in an allocated memory, not just being pointed at (as its pointing to temporary object).


      Attached is a screen cap of the change required (on the right pane)


      NOTE - There is still unhandled vulnerability if the topic name itself is very long and crosses a chunk boundary !

      Cypress/Infineon - please handle this vulnerability !!!


      Keep safe.


      2020-08-12 17_10_50-.png