From 1841c3e1e1dec70257ea4b2e9e9fbdf4f2245f55 Mon Sep 17 00:00:00 2001
From: rudolfkoenig <>
Date: Wed, 17 Mar 2021 16:33:09 +0000
Subject: [PATCH] 00_MQTT2_SERVER.pm: reject CONNECT with non-zero reserved
 bits (Forum #119585)

git-svn-id: https://svn.fhem.de/fhem/trunk@23987 2b470e98-0d58-463d-a4d8-8e2adae1ed80
---
 fhem/FHEM/00_MQTT2_SERVER.pm | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fhem/FHEM/00_MQTT2_SERVER.pm b/fhem/FHEM/00_MQTT2_SERVER.pm
index cf5f72eb2..dba54a0c7 100644
--- a/fhem/FHEM/00_MQTT2_SERVER.pm
+++ b/fhem/FHEM/00_MQTT2_SERVER.pm
@@ -324,6 +324,10 @@ MQTT2_SERVER_Read($@)
   ####################################
   if($cpt eq "CONNECT") {
     # V3:MQIsdb V4:MQTT
+    if(ord($fb) & 0xf) { # lower nibble must be zero
+      Log3 $sname, 3, "$cname with bogus CONNECT (".ord($fb)."), disconnecting";
+      return CommandDelete(undef, $cname);
+    }
     ($hash->{protoTxt}, $off) = MQTT2_SERVER_getStr($hash, $pl, 0);
     $hash->{protoNum}  = unpack('C*', substr($pl,$off++,1)); # 3 or 4
     $hash->{cflags}    = unpack('C*', substr($pl,$off++,1));