BugID:23661689:[http] fix long http header memory overflow issue

Change-Id: I416def4177884e50c38fb76af2cd2c73b4eff456

middleware/linkkit/sdk-c/src/infra/utils/misc/utils_httpc.c

@@ -652,7 +652,13 @@ int httpclient_response_parse(httpclient_t *client, char *data, int len, uint32_
     /* try to read more header again until find response head ending "\r\n\r\n" */
     while (NULL == (ptr_body_end = strstr(data, "\r\n\r\n"))) {
         /* try to read more header */
-        ret = httpclient_recv(client, data + len, 1, HTTPCLIENT_RAED_HEAD_SIZE, &new_trf_len, iotx_time_left(&timer));
+        int max_remain_len = HTTPCLIENT_CHUNK_SIZE - len - 1;
+        if (max_remain_len <= 0) {
+            utils_err("buffer exceeded max\n");
+            return ERROR_HTTP_PARSE;
+        }
+        max_remain_len = max_remain_len > HTTPCLIENT_RAED_HEAD_SIZE ? HTTPCLIENT_RAED_HEAD_SIZE : max_remain_len;
+        ret = httpclient_recv(client, data + len, 1, max_remain_len, &new_trf_len, iotx_time_left(&timer));
         if (ret == ERROR_HTTP_CONN) {
             return ret;
         }

middleware/linkkit/sdk-c/src/protocol/http/iotx_http_api.c

@@ -531,6 +531,11 @@ int IOT_HTTP_DeviceNameAuth(void *handle)
         goto do_exit;
     }
 
+    if(strlen(pvalue) > IOTX_HTTP_AUTH_TOKEN_LEN - 1) {
+        http_err("token is out of size");
+        goto do_exit;
+    }
+
     strcpy(iotx_http_context->p_auth_token, pvalue);
     iotx_http_context->is_authed = 1;
     LITE_free(pvalue);