diff options
| author | Hauke Mehrtens <hauke@hauke-m.de> | 2020-01-21 23:58:30 +0100 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2020-01-27 21:44:28 +0100 |
| commit | cc0a54e3326d6329d85106d93d4083df380dac09 (patch) | |
| tree | 25a5238aa80d0a2ad920a94e86bd988d775fc48b /package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch | |
| parent | ebafb746f03e642740159614245e67017734db29 (diff) | |
| download | upstream-cc0a54e3326d6329d85106d93d4083df380dac09.tar.gz upstream-cc0a54e3326d6329d85106d93d4083df380dac09.tar.bz2 upstream-cc0a54e3326d6329d85106d93d4083df380dac09.zip | |
libubox: backport security patches
This backports some security relevant patches from libubox master. These
patches should not change the existing API and ABI so that old
applications still work like before without any recompilation.
Application can now also use more secure APIs.
The new more secure interfaces are also available, but not used.
OpenWrt master and 19.07 already have these patches by using a more
recent libubox version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch')
| -rw-r--r-- | package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch b/package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch new file mode 100644 index 0000000000..2ebbfc6c47 --- /dev/null +++ b/package/libs/libubox/patches/0011-blobmsg-fix-wrong-payload-len-passed-from-blobmsg_ch.patch @@ -0,0 +1,38 @@ +From d0f05d5e6873b30315127d47abbf4ac9f3c8bfb7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz> +Date: Sat, 28 Dec 2019 19:00:39 +0100 +Subject: blobmsg: fix wrong payload len passed from blobmsg_check_array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fix incorrect use of blob_raw_len() on passed blobmsg to +blobmsg_check_array_len() introduced in commit b0e21553ae8c ("blobmsg: +add _len variants for all attribute checking methods") by using correct +blobmsg_len(). + +This wrong (higher) length was then for example causing issues in +procd's instance_config_parse_command() where blobmsg_check_attr_list() +was failing sanity checking of service command, thus resulting in the +startup failures of some services like collectd, nlbwmon and samba4. + +Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020840.html +Fixes: b0e21553ae8c ("blobmsg: add _len variants for all attribute checking methods") +Reported-by: Hannu Nyman <hannu.nyman@welho.com> +Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> +Signed-off-by: Petr Štetiar <ynezz@true.cz> +--- + blobmsg.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/blobmsg.c ++++ b/blobmsg.c +@@ -101,7 +101,7 @@ bool blobmsg_check_attr_len(const struct + + int blobmsg_check_array(const struct blob_attr *attr, int type) + { +- return blobmsg_check_array_len(attr, type, blob_raw_len(attr)); ++ return blobmsg_check_array_len(attr, type, blobmsg_len(attr)); + } + + int blobmsg_check_array_len(const struct blob_attr *attr, int type, size_t len) |