[OpenWrt-Devel] [PATCH libubox] blob: Check remaining size in blob_parse()
Hauke Mehrtens
hauke at hauke-m.de
Sun Jan 26 10:14:39 EST 2020
This extends the blob_parse() function to check that no inner attribute
is bigger than the outside attribute. The blob_parse_untrusted() should
be used when we know the size of blob_attr *attr, in some other way.
Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
blob.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/blob.c b/blob.c
index 528e717..0ed6c80 100644
--- a/blob.c
+++ b/blob.c
@@ -295,9 +295,10 @@ blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_at
struct blob_attr *pos;
int found = 0;
size_t rem;
+ size_t len = blob_raw_len(attr);
memset(data, 0, sizeof(struct blob_attr *) * max);
- blob_for_each_attr(pos, attr, rem) {
+ blob_for_each_attr_len(pos, attr, len, rem) {
found += blob_parse_attr(pos, rem, data, info, max);
}
--
2.20.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list