
fix: Address input validation vulnerabilities in OCPP message handling

Open itsvishalchauhan opened this issue 2 months ago • 0 comments

Summary

This PR fixes multiple input validation vulnerabilities that could cause crashes or undefined behavior when processing malformed OCPP messages or server responses.

Vulnerabilities Fixed

High Severity

  • MOC-003: NULL pointer dereference in Request/Response parsing
    • Files: Request.cpp, RequestQueue.cpp
    • Fix: Add bounds validation before array access

Medium Severity

  • MOC-001: Out-of-bounds read in timestamp fractional second parsing (Time.cpp)
  • MOC-004: NULL pointer in TransactionEvent nested JSON access (TransactionEvent.cpp)
  • MOC-005: Typo "parenIdTag" → "parentIdTag" (MicroOcpp.cpp)

Low/Informational

  • MOC-006: Integer overflow in FTP PASV port calculation (FtpMbedTLS.cpp)
  • MOC-007: Integer overflow in configuration parsing (Configuration.cpp, ChangeConfiguration.cpp, VariableService.cpp)
  • MOC-002: Unsigned underflow with zero-length certificate serial (CertificateMbedTLS.cpp)

Testing

  • All fixes preserve existing behavior for valid inputs
  • Invalid inputs now return errors instead of causing crashes

Breaking Changes

None - all fixes are backwards compatible


Vulnerabilities identified and remediation proposed by Nebari.ai — AI-native proactive security intelligence solution

itsvishalchauhan, Dec 17 '25 20:12
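
The class of bug listed as MOC-006 can be illustrated with a bounded parser for the FTP 227 (PASV) reply, where the data port is computed as p1*256+p2 from two server-supplied fields. This is an added example, not code from the PR or from FtpMbedTLS.cpp; `parsePasvReply` and `pasvSelfCheck` are hypothetical names and the reply strings are constructed samples.

```cpp
#include <cctype>
#include <cstddef>
#include <cstdint>
#include <cstring>

// Hypothetical helper (not MicroOcpp's API): parse the six comma-separated
// fields of an FTP 227 reply, "(h1,h2,h3,h4,p1,p2)". Every field must be
// 0..255, so p1*256+p2 can never exceed 65535.
bool parsePasvReply(const char *reply, uint8_t host[4], uint16_t *port) {
    if (!reply || !host || !port) return false;
    const char *p = std::strchr(reply, '(');
    if (!p) return false;
    ++p;
    unsigned int field[6];
    for (size_t i = 0; i < 6; ++i) {
        if (!std::isdigit(static_cast<unsigned char>(*p))) return false;
        unsigned int v = 0;
        size_t digits = 0;
        while (std::isdigit(static_cast<unsigned char>(*p))) {
            if (++digits > 3) return false;  // cap length before accumulating
            v = v * 10 + static_cast<unsigned int>(*p - '0');
            ++p;
        }
        if (v > 255) return false;           // each field is one octet
        field[i] = v;
        const char expected = (i < 5) ? ',' : ')';
        if (*p != expected) return false;    // also stops at a truncated reply
        ++p;
    }
    for (size_t i = 0; i < 4; ++i) host[i] = static_cast<uint8_t>(field[i]);
    *port = static_cast<uint16_t>(field[4] * 256u + field[5]);
    return *port != 0;                       // port 0 is not connectable
}

// Constructed sample replies: one valid, three malformed.
bool pasvSelfCheck() {
    uint8_t h[4];
    uint16_t port = 0;
    bool ok = parsePasvReply("227 Entering Passive Mode (192,0,2,10,195,80)", h, &port)
              && port == 50000 && h[0] == 192 && h[3] == 10;
    ok = ok && !parsePasvReply("227 Entering Passive Mode (192,0,2,10,65536,80)", h, &port);
    ok = ok && !parsePasvReply("227 Entering Passive Mode (192,0,2,10,195,99999999999)", h, &port);
    ok = ok && !parsePasvReply("227 Entering Passive Mode (192,0,2,10,195", h, &port);
    return ok;
}
```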