diff --git a/apps/er-coap/er-coap.c b/apps/er-coap/er-coap.c
index cdb5ee76a..597d24a11 100644
--- a/apps/er-coap/er-coap.c
+++ b/apps/er-coap/er-coap.c
@@ -455,10 +455,8 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
 >> COAP_HEADER_VERSION_POSITION;
 coap_pkt->type = (COAP_HEADER_TYPE_MASK & coap_pkt->buffer[0])
 >> COAP_HEADER_TYPE_POSITION;
- coap_pkt->token_len =
- MIN(COAP_TOKEN_LEN,
- (COAP_HEADER_TOKEN_LEN_MASK & coap_pkt->
- buffer[0]) >> COAP_HEADER_TOKEN_LEN_POSITION);
+ coap_pkt->token_len = (COAP_HEADER_TOKEN_LEN_MASK & coap_pkt->buffer[0])
+ >> COAP_HEADER_TOKEN_LEN_POSITION;
 coap_pkt->code = coap_pkt->buffer[1];
 coap_pkt->mid = coap_pkt->buffer[2] << 8 | coap_pkt->buffer[3];
 
@@ -467,6 +465,11 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
 return BAD_REQUEST_4_00;
 }
 
+ if(coap_pkt->token_len > COAP_TOKEN_LEN) {
+ coap_error_message = "Token Length must not be more than 8";
+ return BAD_REQUEST_4_00;
+ }
+
 uint8_t *current_option = data + COAP_HEADER_LEN;
 
 memcpy(coap_pkt->token, current_option, coap_pkt->token_len);
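Review bot: With the `MIN` clamp removed, the first hunk stores the raw TKL field from the wire in `coap_pkt->token_len` before any validation. The field stays out of range when the check in the second hunk returns `BAD_REQUEST_4_00`. Whether any caller reads the packet's token fields after a failed parse is not visible here; if one does, it would see a length larger than the token buffer, which is presumably sized `COAP_TOKEN_LEN`. Consider extracting the value into a local and assigning `coap_pkt->token_len` only after the range check, or at least add a comment on the assignment such as `/* raw TKL from the wire; rejected below if > COAP_TOKEN_LEN, before the token is copied */`. The function starts and ends outside this hunk.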
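Review bot: The check added in the second hunk bounds the `memcpy` destination but not its source: nothing visible compares `data_len` with `COAP_HEADER_LEN + coap_pkt->token_len`. A datagram shorter than its TKL field claims would therefore have the copy read past the received bytes. Unless the part of `coap_parse_message` outside this hunk already guarantees that length, add a guard before the copy, e.g. `if(data_len < COAP_HEADER_LEN + coap_pkt->token_len) { return BAD_REQUEST_4_00; }`, setting `coap_error_message` as the other branches do. Separately, the error string hard-codes 8 while the condition uses `COAP_TOKEN_LEN`, so the two can drift apart if the constant is ever changed.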