mirror
/
openwrt-routing
mirror of https://git.openwrt.org/feed/routing.git
1
0
Fork 0
Code Releases Activity

alfred: Merge bugfixes from 2022.1 

* Ensure processed change_iface packet is 0-terminated
* Ensure processed change_bat_iface packet is 0-terminated

Signed-off-by: Sven Eckelmann <sven@narfation.org>
This commit is contained in:
Sven Eckelmann 2022-05-06 22:26:35 +02:00
parent 2bebe7e1bc
commit f2bebea733
2 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
alfred/patches/0001-alfred-Ensure-processed-change_iface-packet-is-0-ter.patch Normal file
View File

@ -0,0 +1,22 @@
From: Sven Eckelmann <sven@narfation.org>
Date: Sat, 19 Feb 2022 08:51:28 +0100
Subject: alfred: Ensure processed change_iface packet is 0-terminated
A client sending a alfred_change_interface_v0 packet to the alfred server
might have forgotten to 0-terminate the string. In this case, strstr in
unix_sock_change_iface might read outside of the available buffer.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Origin: upstream, https://git.open-mesh.org/alfred.git/commit/d2d27e4b9d697928d21dfa5c79908618ef8b56ac
--- a/unix_sock.c
+++ b/unix_sock.c
@@ -329,6 +329,8 @@ unix_sock_change_iface(struct globals *g
if (len < (int)(sizeof(*change_iface) - sizeof(change_iface->header)))
goto err;
+ change_iface->ifaces[sizeof(change_iface->ifaces) - 1] = '\0';
+
if (globals->opmode == OPMODE_SECONDARY) {
if (strstr(change_iface->ifaces, ",") != NULL) {
ret = -EINVAL;

22
alfred/patches/0002-alfred-Ensure-processed-change_bat_iface-packet-is-0.patch Normal file
View File

@ -0,0 +1,22 @@
From: Sven Eckelmann <sven@narfation.org>
Date: Sat, 19 Feb 2022 08:51:28 +0100
Subject: alfred: Ensure processed change_bat_iface packet is 0-terminated
A client sending a alfred_change_bat_iface_v0 packet to the alfred server
might have forgotten to 0-terminate the string. In this case, strdup in
alfred_change_bat_iface_v0 might read outside of the available buffer.
Fixes: b96cc742ef3e ("alfred: introduce 'change batman-adv interface' IPC call")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Origin: upstream, https://git.open-mesh.org/alfred.git/commit/6beca03bdafd24cc46b4aa7ff2b87612471bdab0
--- a/unix_sock.c
+++ b/unix_sock.c
@@ -360,6 +360,7 @@ unix_sock_change_bat_iface(struct global
goto err;
free(globals->mesh_iface);
+ change_bat_iface->bat_iface[sizeof(change_bat_iface->bat_iface) - 1] = '\0';
globals->mesh_iface = strdup(change_bat_iface->bat_iface);
ret = 0;