mirror
/
gluon-packages
mirror of https://github.com/freifunk-gluon/packages.git
1
0
Fork 0
Code Releases Activity

autoupdater: Allocate signature using safe_malloc 

Previously the signature buffer could have been a null
ptr leading to a null ptr dereference

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
This commit is contained in:
Tobias Schramm 2018-02-20 12:06:44 +01:00
parent adfcdb050c
commit c52c3495e7
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
admin/autoupdater/src/manifest.c
View File

@ -23,9 +23,9 @@
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "hexutil.h"
#include "manifest.h"
#include "util.h"
#include <errno.h>
#include <limits.h>
@ -80,7 +80,8 @@ static bool parse_rfc3339(const char *input, time_t *date) {
void parse_line(char *line, struct manifest *m, const char *branch, const char *image_name) {
if (m->sep_found) {
ecdsa_signature_t *sig = malloc(sizeof(ecdsa_signature_t));
ecdsa_signature_t *sig = safe_malloc(sizeof(ecdsa_signature_t), "failed to allocate memory for signature");
if (!parsehex(sig, line, sizeof(*sig))) {
free(sig);
fprintf(stderr, "autoupdater: warning: garbage in signature area: %s\n", line);