[PATCH uci v2 0/4] uci: Fix multiple bugs

Hauke Mehrtens hauke at hauke-m.de
Sun Oct 4 11:14:47 EDT 2020


This is based on Petr's "[PATCH uci 0/6] fixes and improvements" patches.

This fixes an additional heap read overflow and some other problems I 
discovered by analyzing and fixing the problem.

Changelog:
v1:
 - only "file: Check buffer size after strtok()"

Hauke Mehrtens (4):
  file: use size_t for position and pointer
  file: Check buffer size after strtok()
  ucimap: Check return of malloc()
  Replace malloc() + memset() with calloc()

 cli.c                                         |  3 +-
 file.c                                        | 33 +++++++++++++------
 libuci.c                                      |  5 ++-
 tests/cram/test-san_uci_import.t              |  1 +
 tests/cram/test_uci_import.t                  |  1 +
 .../2e18ecc3a759dedc9357b1298e9269eccc5c5a6b  |  1 +
 uci_internal.h                                |  9 ++---
 ucimap.c                                      | 12 +++----
 util.c                                        |  3 +-
 9 files changed, 41 insertions(+), 27 deletions(-)
 create mode 100644 tests/fuzz/corpus/2e18ecc3a759dedc9357b1298e9269eccc5c5a6b

-- 
2.20.1



