HttpClient buffer too small
Opened this issue · 1 comments
In HttpClient.h, the value of buffer is only 1024. This is pretty small and means that URL's longer than a few hundred characters are truncated. I'd love to see this number increased to say, 8192. Or expose it so the user can select a value that meets their needs.
Additionally to that I do see a potential buffer overflow issue with this code
while (client.available()) {
...
if (bufferPosition < sizeof(buffer)-1) {
buffer[bufferPosition] = c;
} else if ((bufferPosition == sizeof(buffer)-1)) {
buffer[bufferPosition] = '\0'; // Null-terminate buffer
client.stop();
error = true;
#ifdef LOGGING
Serial.println("HttpClient>\tError: Response body larger than buffer.");
#endif
}
bufferPosition++;
}
buffer[bufferPosition] = '\0'; // Null-terminate buffer
In case of a response greater or equal to sizeof(buffer)
the final bufferPosition++
will increment to sizeof(buffer)
and the following buffer[bufferPosition] = '\0'
will actually end up in the byte following the actual buffer.
There actually should be a break
inside the else if()
branch to avoid the additional increment (and the zero-termination inside that branch can be omitted due to the same instruction following the loop.