Fix fuzzer use-after-poison READ 1

2025-01-14 09:48:01 +08:00 · 2022-11-11 15:03:48 +00:00 · 2022-11-11 15:03:48 +00:00 · a39b7ddbac
commit a39b7ddbac
parent cab5c822c5
2 changed files with 2 additions and 2 deletions
--- a/mongoose.c
+++ b/mongoose.c
@ -3196,7 +3196,7 @@ int mg_mqtt_parse(const uint8_t *buf, size_t len, uint8_t version,
        p += 2;
      }
      if (p > end) return MQTT_MALFORMED;
-      if (version == 5 && p + 1 < end) p += 1 + p[0];  // Skip options
+      if (version == 5 && p + 2 < end) p += 1 + p[0];  // Skip options
      if (p > end) return MQTT_MALFORMED;
      m->data.ptr = (char *) p;
      m->data.len = (size_t) (end - p);
--- a/src/mqtt.c
+++ b/src/mqtt.c
@ -173,7 +173,7 @@ int mg_mqtt_parse(const uint8_t *buf, size_t len, uint8_t version,
        p += 2;
      }
      if (p > end) return MQTT_MALFORMED;
-      if (version == 5 && p + 1 < end) p += 1 + p[0];  // Skip options
+      if (version == 5 && p + 2 < end) p += 1 + p[0];  // Skip options
      if (p > end) return MQTT_MALFORMED;
      m->data.ptr = (char *) p;
      m->data.len = (size_t) (end - p);