[PATCH 19.07 ubus 0/3] backport fixes for UAF and other issues
Petr Štetiar
ynezz at true.cz
Wed Feb 16 02:43:35 PST 2022
Hi,
I would like to backport following fixes, where at least commit 2099bb3ad997
("libubus: use list_empty/list_first_entry in ubus_process_pending_msg") fixes
UAF issue I've introduced in commit c5f2053dfcfd ("workaround possibly false
positive uses of memory after it is freed") while fixing another false
positive UAF reported[1] by clang's static analyzer.
Those fixes are being used in master/21.02 for about 6 months, so should be
tested enough and considered for backporting. I've just runtested those fixes
on mvebu/turris-omnia and ipq40xx/glinet-b1300 devices.
1. https://openwrt.gitlab.io/-/project/ubus/-/jobs/2096090992/artifacts/build/scan/2022-02-15-150310-70-1/index.html
Cheers,
Petr
Felix Fietkau (3):
libubus: use list_empty/list_first_entry in ubus_process_pending_msg
libubus: process pending messages in data handler if stack depth is 0
libubus: increase stack depth for processing obj msgs
libubus-io.c | 10 +++++++++-
libubus.c | 7 +++++--
2 files changed, 14 insertions(+), 3 deletions(-)
More information about the openwrt-devel
mailing list