From c084c46b9b4d30679ed3831acc21213524d6e7fa Mon Sep 17 00:00:00 2001
From: Anmol Sarma <me@anmolsarma.in>
Date: Sat, 5 Sep 2015 20:46:29 +0530
Subject: [PATCH] Fix handling of Token Length greater than 8

---
 apps/er-coap/er-coap.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/apps/er-coap/er-coap.c b/apps/er-coap/er-coap.c
index 34c671623..5e2ec02bf 100644
--- a/apps/er-coap/er-coap.c
+++ b/apps/er-coap/er-coap.c
@@ -451,10 +451,8 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
     >> COAP_HEADER_VERSION_POSITION;
   coap_pkt->type = (COAP_HEADER_TYPE_MASK & coap_pkt->buffer[0])
     >> COAP_HEADER_TYPE_POSITION;
-  coap_pkt->token_len =
-    MIN(COAP_TOKEN_LEN,
-        (COAP_HEADER_TOKEN_LEN_MASK & coap_pkt->
-         buffer[0]) >> COAP_HEADER_TOKEN_LEN_POSITION);
+  coap_pkt->token_len = (COAP_HEADER_TOKEN_LEN_MASK & coap_pkt->buffer[0])
+    >> COAP_HEADER_TOKEN_LEN_POSITION;
   coap_pkt->code = coap_pkt->buffer[1];
   coap_pkt->mid = coap_pkt->buffer[2] << 8 | coap_pkt->buffer[3];
 
@@ -463,6 +461,11 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
     return BAD_REQUEST_4_00;
   }
 
+  if(coap_pkt->token_len > COAP_TOKEN_LEN) {
+    coap_error_message = "Token Length must not be more than 8";
+    return BAD_REQUEST_4_00;
+  }
+
   uint8_t *current_option = data + COAP_HEADER_LEN;
 
   memcpy(coap_pkt->token, current_option, coap_pkt->token_len);