• Dominik Ermel's avatar
    boot_serial: Fix buffer overflow in boot_serial_out · 5ff89581
    Dominik Ermel authored
    
    
    The buf buffer set to collect total console payload consisting
    of total size (two bytes), SMP header (eigth bytes), data payload
    (bs_obuf, BOOT_SERIAL_OUT_MAX) and CRC (two bytes), pior to base64
    encoding has been set to size of BOOT_SERIAL_OUT_MAX.
    This means that if output data len, in bs_obuf, would be longer than
    BOOT_SERIAL_OUT_MAX - 8 - 2 - 2, then composing of the output buffer
    would overflow.
    
    Signed-off-by: default avatarDominik Ermel <dominik.ermel@nordicsemi.no>
    5ff89581