From f5ac42f8f23efee5764598028679e72d74752c82 Mon Sep 17 00:00:00 2001
From: Federico Coronati <56729512+FeedehC@users.noreply.github.com>
Date: Wed, 1 Mar 2023 10:49:45 -0300
Subject: [PATCH 1/3] fix vulnerability comparison of different types
---
 src/WebRequest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/WebRequest.cpp b/src/WebRequest.cpp
index bbce5ca4c..ef7d7d2d5 100644
--- a/src/WebRequest.cpp
+++ b/src/WebRequest.cpp
@@ -535,7 +535,7 @@ void AsyncWebServerRequest::_parseMultipartPostByte(uint8_t data, bool last){
 } else {
 _multiParseState = WAIT_FOR_RETURN1;
 itemWriteByte('\r'); itemWriteByte('\n'); itemWriteByte('-'); itemWriteByte('-');
- uint8_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
+ uint16_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
 _parseMultipartPostByte(data, last);
 }
 } else if(_multiParseState == EXPECT_FEED2){
From e34ed25ed755d46a0f45d46b22f7fe6db56939a3 Mon Sep 17 00:00:00 2001
From: Federico Coronati <56729512+FeedehC@users.noreply.github.com>
Date: Wed, 1 Mar 2023 12:17:32 -0300
Subject: [PATCH 2/3] fix: vulnerability comparison of different types
---
 src/WebRequest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/WebRequest.cpp b/src/WebRequest.cpp
index ef7d7d2d5..cd3f05dd6 100644
--- a/src/WebRequest.cpp
+++ b/src/WebRequest.cpp
@@ -535,7 +535,7 @@ void AsyncWebServerRequest::_parseMultipartPostByte(uint8_t data, bool last){
 } else {
 _multiParseState = WAIT_FOR_RETURN1;
 itemWriteByte('\r'); itemWriteByte('\n'); itemWriteByte('-'); itemWriteByte('-');
- uint16_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
+ uint32_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
 _parseMultipartPostByte(data, last);
 }
 } else if(_multiParseState == EXPECT_FEED2){
From 4af0246758087c7d87fb7d681acf09d2dfeebd22 Mon Sep 17 00:00:00 2001
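Review bot: `uint16_t i` in the added line of PATCH 1/3 only moves the wrap-around from 256 to 65536: the counter is still narrower than what `_boundary.length()` returns (presumably `unsigned int`, if `_boundary` is an Arduino `String`), so a long enough boundary still leaves `i<_boundary.length()` permanently true while `itemWriteByte` keeps being called. PATCH 2/3 rewrites this same line again, so squashing the two would avoid leaving a partially fixed revision in history for bisecting or cherry-picking. Declaring the counter inside the loop with a type at least as wide as the length, `for(size_t i=0; i<_boundary.length(); i++)`, removes the width mismatch and keeps `i` out of the enclosing scope. The enclosing function starts and ends outside the hunk.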
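Review bot: Widening the counter to `uint32_t` in PATCH 2/3 stops the wrap-around, but nothing visible in this hunk bounds `_boundary.length()` itself, and a multipart boundary is taken from the request's Content-Type header. RFC 2046 limits a boundary to 70 characters, so rejecting longer values where the header is parsed (outside this hunk) would cap how many bytes each failed boundary match replays through `itemWriteByte`. The loop also deserves a comment for the next maintainer, e.g. `// counter must be as wide as length(): a narrower type wraps and the loop never terminates on a long boundary`.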
From: Federico Coronati <56729512+FeedehC@users.noreply.github.com>
Date: Wed, 1 Mar 2023 12:30:34 -0300
Subject: [PATCH 3/3] fix: vulnerability comparison of different type sizes
---
 src/WebRequest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/WebRequest.cpp b/src/WebRequest.cpp
index cd3f05dd6..d48c9e96f 100644
--- a/src/WebRequest.cpp
+++ b/src/WebRequest.cpp
@@ -545,7 +545,7 @@ void AsyncWebServerRequest::_parseMultipartPostByte(uint8_t data, bool last){
 } else {
 _multiParseState = WAIT_FOR_RETURN1;
 itemWriteByte('\r'); itemWriteByte('\n'); itemWriteByte('-'); itemWriteByte('-');
- uint8_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
+ uint32_t i; for(i=0; i<_boundary.length(); i++) itemWriteByte(_boundary.c_str()[i]);
 itemWriteByte('\r'); _parseMultipartPostByte(data, last);
 }
 }
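Review bot: The line fixed here at -545 is a copy of the one fixed at -535 in PATCH 1/3 and 2/3, and it needed its own commit because the replay sequence (`\r\n--` followed by the boundary) is written out separately in each parser state. Any other loop in `_parseMultipartPostByte` outside these hunks that still walks the boundary with an 8-bit counter would keep the original non-terminating behaviour, so the whole function should be checked before the fix is treated as complete. Moving the replay into one private helper called from each state would let the counter type be corrected in a single place. A regression test that submits a multipart body whose boundary is longer than 255 characters and asserts that the request completes would keep the narrow counter from coming back.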