Merge branch 'bugfix/provisioning_example_warning_with_O2_optimization' into 'master'

provisioning: use memcpy instead of strncpy for copying SSID Closes IDFGH-3983 See merge request espressif/esp-idf!10467
2025-08-07 20:00:53 +00:00 · 2020-09-17 17:56:37 +08:00
parent 3c283b490a 6a3d50c952
commit d82b9275b5
8 changed files with 37 additions and 22 deletions
--- a/examples/provisioning/legacy/ble_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/legacy/ble_prov/main/app_prov_handlers.c
@@ -98,12 +98,16 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
    ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
             req_data->ssid, req_data->password);

-    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+    /* Using memcpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
     * But this doesn't guarantee that the saved SSID will be null terminated, because
     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
     * Although, this is not a matter for concern because esp_wifi library reads the SSID
     * upto 32 bytes in absence of null termination */
-    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    const size_t ssid_len = strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    /* Ensure SSID less than 32 bytes is null terminated */
+    memset(wifi_cfg->sta.ssid, 0, sizeof(wifi_cfg->sta.ssid));
+    memcpy(wifi_cfg->sta.ssid, req_data->ssid, ssid_len);
+
    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
    return ESP_OK;
 }
--- a/examples/provisioning/legacy/console_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/legacy/console_prov/main/app_prov_handlers.c
@@ -98,12 +98,16 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
    ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
             req_data->ssid, req_data->password);

-    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+    /* Using memcpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
     * But this doesn't guarantee that the saved SSID will be null terminated, because
     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
     * Although, this is not a matter for concern because esp_wifi library reads the SSID
     * upto 32 bytes in absence of null termination */
-    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    const size_t ssid_len = strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    /* Ensure SSID less than 32 bytes is null terminated */
+    memset(wifi_cfg->sta.ssid, 0, sizeof(wifi_cfg->sta.ssid));
+    memcpy(wifi_cfg->sta.ssid, req_data->ssid, ssid_len);
+
    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
    return ESP_OK;
 }
--- a/examples/provisioning/legacy/custom_config/main/app_prov_handlers.c
+++ b/examples/provisioning/legacy/custom_config/main/app_prov_handlers.c
@@ -110,12 +110,16 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
    ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
             req_data->ssid, req_data->password);

-    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+    /* Using memcpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
     * But this doesn't guarantee that the saved SSID will be null terminated, because
     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
     * Although, this is not a matter for concern because esp_wifi library reads the SSID
     * upto 32 bytes in absence of null termination */
-    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    const size_t ssid_len = strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    /* Ensure SSID less than 32 bytes is null terminated */
+    memset(wifi_cfg->sta.ssid, 0, sizeof(wifi_cfg->sta.ssid));
+    memcpy(wifi_cfg->sta.ssid, req_data->ssid, ssid_len);
+
    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
    return ESP_OK;
 }
--- a/examples/provisioning/legacy/softap_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/legacy/softap_prov/main/app_prov_handlers.c
@@ -98,12 +98,16 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
    ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
             req_data->ssid, req_data->password);

-    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+    /* Using memcpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
     * But this doesn't guarantee that the saved SSID will be null terminated, because
     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
     * Although, this is not a matter for concern because esp_wifi library reads the SSID
     * upto 32 bytes in absence of null termination */
-    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    const size_t ssid_len = strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    /* Ensure SSID less than 32 bytes is null terminated */
+    memset(wifi_cfg->sta.ssid, 0, sizeof(wifi_cfg->sta.ssid));
+    memcpy(wifi_cfg->sta.ssid, req_data->ssid, ssid_len);
+
    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
    return ESP_OK;
 }