Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure iothub direct method support #21013

Merged

Conversation

PabasaraDilshan
Copy link
Contributor

Description:

Azure iothub direct method feature support to receive messages to device via direct method and send response. Direct method feature can be added with adding this code snippet to user_config_override_sample.h

#ifndef USE_MQTT_TLS
#define USE_MQTT_TLS
#endif
#define USE_MQTT_AZURE_IOT
#define USE_AZURE_DIRECT_METHOD

Also required to enable MQTT_TLS_ENABLED and SetOption132 1 to establish connection with azure iot hub.

Example:
Method:

POWER

Payload:

{
"payload":"ON"
}

https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-direct-methods

Related issue (if applicable): fixes #

Checklist:

  • The pull request is done against the latest development branch
  • Only relevant files were touched
  • Only one feature/fix was added per PR and the code change compiles without warnings
  • The code change is tested and works with Tasmota core ESP8266 V.2.7.6
  • The code change is tested and works with Tasmota core ESP32 V.2.0.14
  • I accept the CLA.

NOTE: The code change must pass CI tests. Your PR cannot be merged unless tests pass

@Jason2866 Jason2866 requested a review from s-hadinger March 22, 2024 14:30
JsonParser mqtt_json_data((char*) mqtt_data);
JsonParserObject message_object = mqtt_json_data.getRootObject();
String mqtt_data_str= message_object.getStr("payload","");
data_len = mqtt_data_str.length();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No!!! data_len is the size of mqtt_data and is used to avoid buffer overflow. Changing data_len to the length of an arbitrary string received on the wire is wrong.

Remove this line.

strncpy copies the string with no more than data_len bytes, it figures out on its own the size of the source string.

@s-hadinger
Copy link
Collaborator

Overall I'm ok except the buffer_overflow vulnerability accidentally introduced. Please fix so we can merge.

@s-hadinger
Copy link
Collaborator

I di the change myself and merged

@s-hadinger s-hadinger merged commit 2fff690 into arendst:development Mar 25, 2024
64 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants