This is based on Petr's "[PATCH uci 0/6] fixes and improvements" patches.
This fixes an additional heap read overflow and some other problems I discovered by analyzing and fixing the problem.

Changelog:
v1:
 - only "file: Check buffer size after strtok()"

Hauke Mehrtens (4):
  file: use size_t for position and pointer
  file: Check buffer size after strtok()
  ucimap: Check return of malloc()
  Replace malloc() + memset() with calloc()

 cli.c                                         |  3 +-
 file.c                                        | 33 +++++++++++++------
 libuci.c                                      |  5 ++-
 tests/cram/test-san_uci_import.t              |  1 +
 tests/cram/test_uci_import.t                  |  1 +
 .../2e18ecc3a759dedc9357b1298e9269eccc5c5a6b  |  1 +
 uci_internal.h                                |  9 ++---
 ucimap.c                                      | 12 +++----
 util.c                                        |  3 +-
 9 files changed, 41 insertions(+), 27 deletions(-)
 create mode 100644 tests/fuzz/corpus/2e18ecc3a759dedc9357b1298e9269eccc5c5a6b

--
2.20.1