[PATCH uci v2 0/4] uci: Fix multiple bugs
Hauke Mehrtens
hauke at hauke-m.de
Sun Oct 4 11:14:47 EDT 2020
This is based on Petr's "[PATCH uci 0/6] fixes and improvements" patches.
This fixes an additional heap read overflow and some other problems I
discovered by analyzing and fixing the problem.
Changelog:
v1:
- only "file: Check buffer size after strtok()"
Hauke Mehrtens (4):
file: use size_t for position and pointer
file: Check buffer size after strtok()
ucimap: Check return of malloc()
Replace malloc() + memset() with calloc()
cli.c | 3 +-
file.c | 33 +++++++++++++------
libuci.c | 5 ++-
tests/cram/test-san_uci_import.t | 1 +
tests/cram/test_uci_import.t | 1 +
.../2e18ecc3a759dedc9357b1298e9269eccc5c5a6b | 1 +
uci_internal.h | 9 ++---
ucimap.c | 12 +++----
util.c | 3 +-
9 files changed, 41 insertions(+), 27 deletions(-)
create mode 100644 tests/fuzz/corpus/2e18ecc3a759dedc9357b1298e9269eccc5c5a6b
--
2.20.1
More information about the openwrt-devel
mailing list