onenet_mqtt.c - L: 404
*out_buff = ONENET_MALLOC(strlen(msg_str) + 3);
if (!(*out_buff))
{
LOG_E("ONENET mqtt upload string data failed! No memory for send buffer!");
return -RT_ENOMEM;
}
strncpy(&(*out_buff)[3], msg_str, strlen(msg_str));
*length = strlen(&(*out_buff)[3]);*length 如此使用strlen存在很大隐藏风险
onenet_mqtt.c - L: 404
*length 如此使用strlen存在很大隐藏风险