Fixed buffer overflow with auth key

e375bfe1 · Lorenz Meier · 8a33280e · e375bfe1
Commit e375bfe1 authored Sep 16, 2012 by Lorenz Meier
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

MAVLinkProtocol.cc src/comm/MAVLinkProtocol.cc +2 -2

No files found.
--- a/src/comm/MAVLinkProtocol.cc
+++ b/src/comm/MAVLinkProtocol.cc
@@ -539,8 +539,8 @@ void MAVLinkProtocol::sendHeartbeat()
    {
        mavlink_message_t msg;
        mavlink_auth_key_t auth;
-        if (m_authKey.length() != MAVLINK_MSG_AUTH_KEY_FIELD_KEY_LEN) m_authKey.resize(MAVLINK_MSG_AUTH_KEY_FIELD_KEY_LEN);
+        memset(auth, 0, sizeof(auth));
-        strcpy(auth.key, m_authKey.toStdString().c_str());
+        memcpy(auth.key, m_authKey.toStdString().c_str(), qMin(m_authKey.length(), MAVLINK_MSG_AUTH_KEY_FIELD_KEY_LEN));
        mavlink_msg_auth_key_encode(getSystemId(), getComponentId(), &msg, &auth);
        sendMessage(msg);
    }