From ae1d102fb386fef2d08fb80bd485654085537fa0 Mon Sep 17 00:00:00 2001
From: Wiebe Cazemier <wiebe@halfgaar.net>
Date: Sun, 1 May 2022 18:21:51 +0200
Subject: [PATCH] Check reserved bits in AUTH packet

---
 mqttpacket.cpp | 3 +++
 1 file changed, 3 insertions(+), 0 deletions(-)

diff --git a/mqttpacket.cpp b/mqttpacket.cpp
index 0c78aac..73a602e 100644
--- a/mqttpacket.cpp
+++ b/mqttpacket.cpp
@@ -682,6 +682,9 @@ void MqttPacket::handleConnect()
 
 void MqttPacket::handleExtendedAuth()
 {
+    if (first_byte & 0b1111)
+        throw ProtocolError("AUTH packet first 4 bits should be 0.", ReasonCodes::MalformedPacket);
+
     const ReasonCodes reasonCode = static_cast<ReasonCodes>(readByte());
 
     if (this->protocolVersion < ProtocolVersion::Mqtt5)
--
libgit2 0.21.4