Fixed possibility of non-0-terminated MQTT payloads

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 ### Builds after release 0.12.0
 
+#### Build 2105120
+
+-   Fixed possibility of non-0-terminated MQTT payloads
+-   Fixed two warnings regarding integer comparison
+
 #### Build 2105112
 
 -   Usermod settings page no usermods message

wled00/ir.cpp

@@ -42,7 +42,7 @@ const size_t numBrightnessSteps = sizeof(brightnessSteps) / sizeof(uint8_t);
 void incBrightness()
 {
   // dumb incremental search is efficient enough for so few items
-  for (int index = 0; index < numBrightnessSteps; ++index)
+  for (uint8_t index = 0; index < numBrightnessSteps; ++index)
   {
     if (brightnessSteps[index] > bri)
     {

wled00/mqtt.cpp

@@ -62,7 +62,19 @@ void onMqttMessage(char* topic, char* payload, AsyncMqttClientMessageProperties
     DEBUG_PRINTLN(F("no payload -> leave"));
     return;
   }
-  DEBUG_PRINTLN(payload);
+  char* payloadStr;
+  bool alloc = false;
+  // check if payload is 0-terminated
+  if (payload[len-1] == '\0') {
+    payloadStr = payload;
+  } else {
+    payloadStr = new char[len+1];
+    strncpy(payloadStr, payload, len);
+    payloadStr[len] = '\0';
+    alloc = true;
+  }
+  if (payloadStr == nullptr) return; //no mem
+  DEBUG_PRINTLN(payloadStr);
 
   size_t topicPrefixLen = strlen(mqttDeviceTopic);
   if (strncmp(topic, mqttDeviceTopic, topicPrefixLen) == 0) {
@@ -73,7 +85,8 @@ void onMqttMessage(char* topic, char* payload, AsyncMqttClientMessageProperties
       topic += topicPrefixLen;
     } else {
       // Non-Wled Topic used here. Probably a usermod subscribed to this topic.
-      usermods.onMqttMessage(topic, payload);
+      usermods.onMqttMessage(topic, payloadStr);
+      if (alloc) delete[] payloadStr;
       return;
     }
   }
@@ -81,25 +94,26 @@ void onMqttMessage(char* topic, char* payload, AsyncMqttClientMessageProperties
   //Prefix is stripped from the topic at this point
 
   if (strcmp_P(topic, PSTR("/col")) == 0) {
-    colorFromDecOrHexString(col, (char*)payload);
+    colorFromDecOrHexString(col, (char*)payloadStr);
     colorUpdated(NOTIFIER_CALL_MODE_DIRECT_CHANGE);
   } else if (strcmp_P(topic, PSTR("/api")) == 0) {
     if (payload[0] == '{') { //JSON API
       DynamicJsonDocument doc(JSON_BUFFER_SIZE);
-      deserializeJson(doc, payload);
+      deserializeJson(doc, payloadStr);
       deserializeState(doc.as<JsonObject>());
     } else { //HTTP API
       String apireq = "win&";
-      apireq += (char*)payload;
+      apireq += (char*)payloadStr;
       handleSet(nullptr, apireq);
     }
   } else if (strlen(topic) != 0) {
     // non standard topic, check with usermods
-    usermods.onMqttMessage(topic, payload);
+    usermods.onMqttMessage(topic, payloadStr);
   } else {
     // topmost topic (just wled/MAC)
-    parseMQTTBriPayload(payload);
+    parseMQTTBriPayload(payloadStr);
   }
+  if (alloc) delete[] payloadStr;
 }
 
 

wled00/overlay.cpp

@@ -79,7 +79,7 @@ void _overlayAnalogClock()
 
 void _overlayAnalogCountdown()
 {
-  if (now() < countdownTime)
+  if ((unsigned long)now() < countdownTime)
   {
     long diff = countdownTime - now();
     double pval = 60;

wled00/wled.h

@@ -8,7 +8,7 @@
  */
 
 // version code in format yymmddb (b = daily build)
-#define VERSION 2105112
+#define VERSION 2105120
 
 //uncomment this if you have a "my_config.h" file you'd like to use
 //#define WLED_USE_MY_CONFIG