[OpenWrt-Devel] Вторая мировая война. День за днём — документальный цикл, наиболее полная киноистория. 05_08_2019 02_10 199508
The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software.--- Begin Message --- ВТОРАЯ МИРОВАЯ ВОЙНА. ДЕНЬ ЗА ДНЁМ. В честь Великой Победы над фашизмом, предлагаем Вам, пожалуй, самую полную, прекрасно воссозданную киноисторию второй мировой войны, документальный цикл "Вторая мировая война. Днем за днем”. Вторая мировая война 1939-1945 гг., как известно, стала самым кровопролитным и беспрецедентным по жестокости военным конфликтом в истории человечества. Победа в этой войне войск союзников, противостоящих силам Германии, Японии и Италии, вовсе не была предопределена с самого начала, как многим представляется в наши дни. Документальный цикл расскажет о временном промежутке, начиная с 1 сентября 1939 по 2 сентября 1945. Позволит увидеть большую войну в совершенно необычном ракурсе, как непрерывное действие и противодействие воюющих держав. Вас ждёт дальняя и загадочная дорога по полям сражений, штабам, архивам и секретам Второй мировой войны. Каждая серия повествует об отдельно взятом месяце и всех ключевых событиях, произошедших за этот период времени. Однако, самым главным событиям, повлиявшим на ход войны, будут посвящены по две серии. Авторы и ведущие – это известные Санкт-Петербургские историки: Правдюк Виктор Сергеевич; Александров Кирилл Михайлович; Терещук Андрей Васильевич. Предлагаемый фундаментальный труд содержит большое количество уникальных материалов: кинохроника событий, десятки воспоминаний очевидцев и участников боевых действий, в том числе незаслуженно забытых, личные архивы командующих и руководителей стран. Большинство материалов были взяты из закрытых архивных фондов, которые ранее не были доступны широкому кругу людей. Предлагаем проникнуться атмосферой этого документального, но, несмотря на сей факт, такого живого и правдивого кинопроизведения, а новые факты нам раскроют глаза на многие моменты войны. ! Список серий, описание каждой из них, вы можете увидеть в прикреплённом к письму файле ! Предлагаемый документальный цикл состоит из 96 серий, продолжительность каждой серии ~30 минут, общая продолжительность ~48 часов. Записана на внешний USB накопитель (флешка). Проблем с воспроизведением не возникнет, можно смотреть на компьютере, планшете, смартфоне, телевизоре и т.д. Запись на внешний USB накопитель имеет ряд преимуществ в сравнении с обычными DVD дисками, USB накопитель гораздо легче, занимает меньше места, обладает высокой надёжностью сохранности записей, а это значит, что наша коллекция будет радовать Вас много лет. Мы гарантируем отличное качество всех записей. На самом носителе создана продуманная структура, все записи разнесены по каталогам, имеются плейлисты, прописаны теги, а также полный список вошедших записей, поэтому проблем с поиском и навигацией не возникнет. Стоимость коллекции на внешнем USB накопителе — 6500 (Шесть Тысяч Пятьсот) Рублей. Продаются только вместе. Доставка включена в стоимость. Доставка и оплата коллекции осуществляется только по России — почтой, наложенным платежом, никакой предоплаты не требуется, оплата только в момент получения на почте, доставка включена в стоимость. Сроки доставки зависят от расстояния и степени загрузки почты, но как правило это 7-14 суток с момента отправки. Напоминаем, что у нас нет курьерской доставки — только почтой, в том числе и по Москве. Для оформления заказа просьба не забывать указывать: --- Ваш почтовый индекс (пишите правильный индекс — это ускорит доставку); --- Ваш город и точный адрес (название улицы, номер дома и номер квартиры); --- Ф.И.О. получателя и ОБЯЗАТЕЛЬНО номер контактного телефона (лучше сотовый); Заказы\вопросы направляйте по адресу: world...@cwhflash.ru Мы очень ответственно относимся к качеству нашего товара, поэтому перед отправкой всё дополнительно проверяется, как следствие отправка бракованной продукции сведена к нулю. Товар упаковывается в специальный ударостойкий материал, что в значительной степени уменьшает риск повреждения при транспортировке. Если вдруг с полученным товаром возникнут проблемы, то все наши покупатели всегда могут рассчитывать на квалифицированную техническую поддержку. Мы никогда не отказываемся от гарантийных обязательств, в случае проблемы Вы можете рассчитывать на замену, почтовые расходы мы берём на себя. По вашему желанию, данная коллекция может быть записана на DVD диски. Для записи используются надёжные DVD диски со специальным покрытием, которое повышает устойчивость диска к механическим повреждениям, таким как трещины и царапины, а это значит, что наша коллекция будет радовать Вас много лет. Коллекция упакована в пластиковые боксы (slim-dvd), имеет красивые и продуманные обложки, с обратной стороны которых указан список вошедших на каждый диск серий и другая полезная информация, поэтому проблем с поиском и
Re: [OpenWrt-Devel] [PATCH 19.07] ath79: add support for gl-ar750
Paul, Am Samstag, 14. Dezember 2019, 00:10:28 CET schrieb Paul Fertser: > Also, if you're going to improve the patch, I've noticed you have no > DTS designations for how the LEDs are to be used (aliases for led-boot > etc) and no label_mac assignment. Not sure if that's important. As the router is in a hidden location, I never checked the Leds ... Probably I should. But at least the board is running stable for me. Sven ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 09/16] add fuzzer and cram based unit tests
For improved QA etc.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt| 16 +
tests/CMakeLists.txt | 18 ++
tests/cram/CMakeLists.txt | 22 +++
tests/cram/test_ubus.t| 58 ++
tests/cram/test_ubusd.t | 24
tests/fuzz/CMakeLists.txt | 18 ++
.../05fe405753166f125559e7c9ac558654f107c7e9 | Bin 0 -> 8 bytes
.../0660e49c13f6d167a8298d885f724bad8f62fc35 | Bin 0 -> 8 bytes
.../37dadeab8d8ce7611f230f9524c1e8ab751c4a6a | Bin 0 -> 8 bytes
.../71520a5c4b5ca73903216857abbad54a8002d44a | Bin 0 -> 2 bytes
.../73c72a4d2bd1cd31b0b44256a888feec9eaaba27 | Bin 0 -> 9 bytes
.../8db068f76b98df8730f5308b12c793fdf04c47c2 | Bin 0 -> 8 bytes
.../c1dfd96eea8cc2b62785275bca38ac261256e278 | 1 +
.../c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 | Bin 0 -> 3 bytes
...h-1b8fb1be45db3aff7699100f497fb74138f3df4f | Bin 0 -> 6 bytes
...h-4c4d2c3c9ade5da9347534e290305c3b9760f627 | Bin 0 -> 17 bytes
...h-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b | Bin 0 -> 86 bytes
...h-75b146c4e6fac64d3e62236b27c64b50657bab2a | Bin 0 -> 4 bytes
...h-813f3e68661da09c26d4a87dbb9d5099e92be50f | Bin 0 -> 36 bytes
...h-98595faa58ba01d85ba4fd0b109cd3d490b45795 | Bin 0 -> 6 bytes
...h-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 | 1 +
...h-df9d1243057b27bbad6211e5a23d1cb699028aa2 | Bin 0 -> 16 bytes
...h-e2fd5ecb3b37926743256f1083f47a07c39e10c2 | Bin 0 -> 66 bytes
.../e2814b29dd2fd5db02b1ab7c5e147e1194a489ce | Bin 0 -> 8 bytes
tests/fuzz/corpus/valid-blobmsg.bin | Bin 0 -> 176 bytes
tests/fuzz/test-fuzz.c| 40
26 files changed, 198 insertions(+)
create mode 100644 tests/CMakeLists.txt
create mode 100644 tests/cram/CMakeLists.txt
create mode 100644 tests/cram/test_ubus.t
create mode 100644 tests/cram/test_ubusd.t
create mode 100644 tests/fuzz/CMakeLists.txt
create mode 100644 tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9
create mode 100644 tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35
create mode 100644 tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6a
create mode 100644 tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
create mode 100644 tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27
create mode 100644 tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2
create mode 100644 tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
create mode 100644 tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
create mode 100644
tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
create mode 100644
tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
create mode 100644
tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
create mode 100644
tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
create mode 100644
tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
create mode 100644
tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
create mode 100644
tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
create mode 100644
tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
create mode 100644
tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
create mode 100644 tests/fuzz/corpus/e2814b29dd2fd5db02b1ab7c5e147e1194a489ce
create mode 100644 tests/fuzz/corpus/valid-blobmsg.bin
create mode 100644 tests/fuzz/test-fuzz.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
index dc6e42847086..5c0f760d031c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -41,6 +41,15 @@ TARGET_LINK_LIBRARIES(ubus ${ubox_library})
find_library(json NAMES json-c json)
+MACRO(ADD_UNIT_TEST_SAN name output_name)
+ ADD_EXECUTABLE(${name}-san ${name}.c)
+ TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer
-fsanitize=undefined,address,leak -fno-sanitize-recover=all)
+ TARGET_LINK_OPTIONS(${name}-san PRIVATE -fsanitize=undefined,address,leak)
+ TARGET_LINK_LIBRARIES(${name}-san ubus ubusd_library ${ubox_library}
${blob_library} ${json})
+ TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR})
+ SET_TARGET_PROPERTIES(${name}-san PROPERTIES OUTPUT_NAME ${output_name})
+ENDMACRO(ADD_UNIT_TEST_SAN)
+
ADD_LIBRARY(ubusd_library STATIC ubusd.c ubusd_proto.c ubusd_id.c ubusd_obj.c
ubusd_event.c ubusd_acl.c ubusd_monitor.c)
ADD_EXECUTABLE(ubusd ubusd_main.c)
TARGET_LINK_LIBRARIES(ubusd ubusd_library ${ubox_library} ${blob_library}
${json})
@@ -52,6 +61,13 @@ TARGET_LINK_LIBRARIES(cli ubus ${ubox_library}
${blob_library} ${json})
ADD_SUBDIRECTORY(lua)
ADD_SUBDIRECTORY(examples)
+IF(UNIT_TESTING)
+ ENABLE_TESTING()
+ ADD_SUBDIRECTORY(tests)
+ ADD_UNIT_TEST_SAN(cli ubus-san)
+ ADD_UNIT_TEST_SAN(ubusd_main ubusd-san)
+ENDIF()
+
INSTALL(TARGETS ubus cli
ARCHIVE DESTINATION lib
[OpenWrt-Devel] [PATCH ubus 15/16] ubus_monitor: workaround possibly false positive uses of memory after it is freed
scan-build from clang-9 has reported following: libubox/list.h:141:2: warning: Use of memory after it is freed _list_add(_new, head, head->next); Signed-off-by: Petr Štetiar --- ubusd_monitor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ubusd_monitor.c b/ubusd_monitor.c index 501e06d0716c..bba741e86987 100644 --- a/ubusd_monitor.c +++ b/ubusd_monitor.c @@ -41,7 +41,7 @@ ubusd_monitor_connect(struct ubus_client *cl, struct ubus_msg_buf *ub) return false; m->cl = cl; - list_add(>list, ); + list_add_tail(>list, ); return true; } ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 16/16] fix blob parsing vulnerability by using blob_parse_untrusted
blob_parse expects blobs from trusted inputs, but it can be supplied
with possibly malicious blobs from untrusted inputs as well, which might
lead to undefined behaviour and/or crash of ubus daemon. In order to
prevent such conditions, switch to blob_parse_untrusted which should
hopefully handle such untrusted inputs appropriately.
Signed-off-by: Petr Štetiar
---
cli.c | 2 +-
libubus-internal.h | 2 +-
libubus-io.c | 4 ++--
libubus-obj.c | 6 +++---
libubus-req.c | 6 +++---
libubus.c | 4 ++--
tests/fuzz/test-fuzz.c | 2 +-
ubusd.h| 2 +-
ubusd_acl.c| 2 +-
ubusd_proto.c | 6 +++---
10 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/cli.c b/cli.c
index 421f244ad9dc..f566279b4f6d 100644
--- a/cli.c
+++ b/cli.c
@@ -472,7 +472,7 @@ ubus_cli_monitor_cb(struct ubus_context *ctx, uint32_t seq,
struct blob_attr *ms
bool send;
char *data;
- blob_parse(msg, tb, policy, UBUS_MONITOR_MAX);
+ blob_parse_untrusted(msg, blob_raw_len(msg), tb, policy,
UBUS_MONITOR_MAX);
if (!tb[UBUS_MONITOR_CLIENT] ||
!tb[UBUS_MONITOR_PEER] ||
diff --git a/libubus-internal.h b/libubus-internal.h
index 8cf99b3bc6b1..24477a032144 100644
--- a/libubus-internal.h
+++ b/libubus-internal.h
@@ -17,7 +17,7 @@
extern struct blob_buf b;
extern const struct ubus_method watch_method;
-struct blob_attr **ubus_parse_msg(struct blob_attr *msg);
+struct blob_attr **ubus_parse_msg(struct blob_attr *msg, size_t len);
bool ubus_validate_hdr(struct ubus_msghdr *hdr);
void ubus_handle_data(struct uloop_fd *u, unsigned int events);
int ubus_send_msg(struct ubus_context *ctx, uint32_t seq,
diff --git a/libubus-io.c b/libubus-io.c
index 81c1cd1309b1..ba1016d0fa09 100644
--- a/libubus-io.c
+++ b/libubus-io.c
@@ -43,9 +43,9 @@ static const struct blob_attr_info ubus_policy[UBUS_ATTR_MAX]
= {
static struct blob_attr *attrbuf[UBUS_ATTR_MAX];
-__hidden struct blob_attr **ubus_parse_msg(struct blob_attr *msg)
+__hidden struct blob_attr **ubus_parse_msg(struct blob_attr *msg, size_t len)
{
- blob_parse(msg, attrbuf, ubus_policy, UBUS_ATTR_MAX);
+ blob_parse_untrusted(msg, len, attrbuf, ubus_policy, UBUS_ATTR_MAX);
return attrbuf;
}
diff --git a/libubus-obj.c b/libubus-obj.c
index 2580b2442c4b..29cbb2b98e6e 100644
--- a/libubus-obj.c
+++ b/libubus-obj.c
@@ -121,7 +121,7 @@ void __hidden ubus_process_obj_msg(struct ubus_context
*ctx, struct ubus_msghdr_
struct ubus_object *obj;
uint32_t objid;
void *prev_data = NULL;
- attrbuf = ubus_parse_msg(buf->data);
+ attrbuf = ubus_parse_msg(buf->data, blob_raw_len(buf->data));
if (!attrbuf[UBUS_ATTR_OBJID])
return;
@@ -160,7 +160,7 @@ void __hidden ubus_process_obj_msg(struct ubus_context
*ctx, struct ubus_msghdr_
static void ubus_add_object_cb(struct ubus_request *req, int type, struct
blob_attr *msg)
{
struct ubus_object *obj = req->priv;
- struct blob_attr **attrbuf = ubus_parse_msg(msg);
+ struct blob_attr **attrbuf = ubus_parse_msg(msg, blob_raw_len(msg));
if (!attrbuf[UBUS_ATTR_OBJID])
return;
@@ -240,7 +240,7 @@ int ubus_add_object(struct ubus_context *ctx, struct
ubus_object *obj)
static void ubus_remove_object_cb(struct ubus_request *req, int type, struct
blob_attr *msg)
{
struct ubus_object *obj = req->priv;
- struct blob_attr **attrbuf = ubus_parse_msg(msg);
+ struct blob_attr **attrbuf = ubus_parse_msg(msg, blob_raw_len(msg));
if (!attrbuf[UBUS_ATTR_OBJID])
return;
diff --git a/libubus-req.c b/libubus-req.c
index fd9a548839e4..ae9d1925ecdf 100644
--- a/libubus-req.c
+++ b/libubus-req.c
@@ -31,7 +31,7 @@ static void req_data_cb(struct ubus_request *req, int type,
struct blob_attr *da
if (!req->data_cb)
return;
- attr = ubus_parse_msg(data);
+ attr = ubus_parse_msg(data, blob_raw_len(data));
if (!attr[UBUS_ATTR_DATA])
return;
@@ -328,7 +328,7 @@ int ubus_notify(struct ubus_context *ctx, struct
ubus_object *obj,
static bool ubus_get_status(struct ubus_msghdr_buf *buf, int *ret)
{
- struct blob_attr **attrbuf = ubus_parse_msg(buf->data);
+ struct blob_attr **attrbuf = ubus_parse_msg(buf->data,
blob_raw_len(buf->data));
if (!attrbuf[UBUS_ATTR_STATUS])
return false;
@@ -435,7 +435,7 @@ static void ubus_process_notify_status(struct ubus_request
*req, int id, struct
if (!id) {
/* first id: ubusd's status message with a list of ids */
- tb = ubus_parse_msg(buf->data);
+ tb = ubus_parse_msg(buf->data, blob_raw_len(buf->data));
if (tb[UBUS_ATTR_SUBSCRIBERS]) {
blob_for_each_attr(cur, tb[UBUS_ATTR_SUBSCRIBERS], rem)
{
if
[OpenWrt-Devel] [PATCH ubus 12/16] workaround possibly false positive uses of memory after it is freed
scan-build from clang-9 has reported following:
libubox/list.h:83:22: warning: Use of memory after it is freed
entry->next->prev = entry->prev;
^~~
ubusd_event.c:42:3: warning: Use of memory after it is freed
ubusd_delete_event_source(ev);
^
Which might be a false positives, but in order to make the code pass the
static analyzer checks, rewrite the while loops on lists with the safe
list iterator.
Signed-off-by: Petr Štetiar
---
libubus-req.c | 6 ++
libubus.c | 8 +---
ubusd_event.c | 5 ++---
ubusd_obj.c | 5 ++---
ubusd_proto.c | 6 +++---
5 files changed, 14 insertions(+), 16 deletions(-)
diff --git a/libubus-req.c b/libubus-req.c
index 97785a1e24cd..fd9a548839e4 100644
--- a/libubus-req.c
+++ b/libubus-req.c
@@ -40,11 +40,9 @@ static void req_data_cb(struct ubus_request *req, int type,
struct blob_attr *da
static void __ubus_process_req_data(struct ubus_request *req)
{
- struct ubus_pending_data *data;
+ struct ubus_pending_data *data, *tmp;
- while (!list_empty(>pending)) {
- data = list_first_entry(>pending,
- struct ubus_pending_data, list);
+ list_for_each_entry_safe(data, tmp, >pending, list) {
list_del(>list);
if (!req->cancelled)
req_data_cb(req, data->type, data->data);
diff --git a/libubus.c b/libubus.c
index 846ae83bcc12..b405891416c2 100644
--- a/libubus.c
+++ b/libubus.c
@@ -115,10 +115,12 @@ ubus_process_msg(struct ubus_context *ctx, struct
ubus_msghdr_buf *buf, int fd)
static void ubus_process_pending_msg(struct uloop_timeout *timeout)
{
struct ubus_context *ctx = container_of(timeout, struct ubus_context,
pending_timer);
- struct ubus_pending_msg *pending;
+ struct ubus_pending_msg *pending, *tmp;
+
+ list_for_each_entry_safe(pending, tmp, >pending, list) {
+ if (ctx->stack_depth)
+ break;
- while (!ctx->stack_depth && !list_empty(>pending)) {
- pending = list_first_entry(>pending, struct
ubus_pending_msg, list);
list_del(>list);
ubus_process_msg(ctx, >hdr, -1);
free(pending);
diff --git a/ubusd_event.c b/ubusd_event.c
index d36bcb73ddda..ef433f81a71e 100644
--- a/ubusd_event.c
+++ b/ubusd_event.c
@@ -35,10 +35,9 @@ static void ubusd_delete_event_source(struct event_source
*evs)
void ubusd_event_cleanup_object(struct ubus_object *obj)
{
- struct event_source *ev;
+ struct event_source *ev, *tmp;
- while (!list_empty(>events)) {
- ev = list_first_entry(>events, struct event_source, list);
+ list_for_each_entry_safe(ev, tmp, >events, list) {
ubusd_delete_event_source(ev);
}
}
diff --git a/ubusd_obj.c b/ubusd_obj.c
index 0c9cb9ae8208..dd44882e08d5 100644
--- a/ubusd_obj.c
+++ b/ubusd_obj.c
@@ -20,13 +20,12 @@ struct avl_tree path;
static void ubus_unref_object_type(struct ubus_object_type *type)
{
- struct ubus_method *m;
+ struct ubus_method *m, *tmp;
if (--type->refcount > 0)
return;
- while (!list_empty(>methods)) {
- m = list_first_entry(>methods, struct ubus_method, list);
+ list_for_each_entry_safe(m, tmp, >methods, list) {
list_del(>list);
free(m);
}
diff --git a/ubusd_proto.c b/ubusd_proto.c
index 2d04b5a7da6e..4dd89ddb4939 100644
--- a/ubusd_proto.c
+++ b/ubusd_proto.c
@@ -519,12 +519,12 @@ free:
void ubusd_proto_free_client(struct ubus_client *cl)
{
- struct ubus_object *obj;
+ struct ubus_object *obj, *tmp;
- while (!list_empty(>objects)) {
- obj = list_first_entry(>objects, struct ubus_object, list);
+ list_for_each_entry_safe(obj, tmp, >objects, list) {
ubusd_free_object(obj);
}
+
ubus_msg_free(cl->retmsg);
blob_buf_free(>b);
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 13/16] ubus_common: remove duplicate ARRAY_SIZE and add missing include
ARRAY_SIZE is available from libubox/utils.h.
Signed-off-by: Petr Štetiar
---
ubus_common.h | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/ubus_common.h b/ubus_common.h
index 5e4d0ad94f8f..502e5c484a75 100644
--- a/ubus_common.h
+++ b/ubus_common.h
@@ -14,13 +14,11 @@
#ifndef __UBUS_COMMON_H
#define __UBUS_COMMON_H
+#include
+
#define UBUS_SIGNATURE_METHOD (BLOBMSG_TYPE_LAST + 1)
#define UBUS_SIGNATURE_END (BLOBMSG_TYPE_LAST + 2)
-#ifndef ARRAY_SIZE
-#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
-#endif
-
static inline bool ubus_strmatch_len(const char *s1, const char *s2, int *len)
{
for (*len = 0; s1[*len] == s2[*len]; (*len)++)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 14/16] ubusd_monitor: fix possible null pointer dereference
This dereference could possibly happen if the calloc call fails as the
return value is unchecked. While at it refactor the code little bit to
make it easier to follow, use safe list iterator and provide return
value for ubusd_monitor_connect.
Signed-off-by: Petr Štetiar
---
ubusd_monitor.c | 40 ++--
1 file changed, 30 insertions(+), 10 deletions(-)
diff --git a/ubusd_monitor.c b/ubusd_monitor.c
index fcbc6a4b10c0..501e06d0716c 100644
--- a/ubusd_monitor.c
+++ b/ubusd_monitor.c
@@ -29,7 +29,7 @@ ubusd_monitor_free(struct ubus_monitor *m)
free(m);
}
-static void
+static bool
ubusd_monitor_connect(struct ubus_client *cl, struct ubus_msg_buf *ub)
{
struct ubus_monitor *m;
@@ -37,22 +37,40 @@ ubusd_monitor_connect(struct ubus_client *cl, struct
ubus_msg_buf *ub)
ubusd_monitor_disconnect(cl);
m = calloc(1, sizeof(*m));
+ if (!m)
+ return false;
+
m->cl = cl;
list_add(>list, );
+
+ return true;
}
-void
-ubusd_monitor_disconnect(struct ubus_client *cl)
+static struct ubus_monitor*
+ubusd_monitor_find(struct ubus_client *cl)
{
- struct ubus_monitor *m;
+ struct ubus_monitor *m, *tmp;
- list_for_each_entry(m, , list) {
+ list_for_each_entry_safe(m, tmp, , list) {
if (m->cl != cl)
continue;
- ubusd_monitor_free(m);
- return;
+ return m;
}
+
+ return NULL;
+}
+
+void
+ubusd_monitor_disconnect(struct ubus_client *cl)
+{
+ struct ubus_monitor *m;
+
+ m = ubusd_monitor_find(cl);
+ if (!m)
+ return;
+
+ ubusd_monitor_free(m);
}
void
@@ -92,13 +110,15 @@ ubusd_monitor_recv(struct ubus_client *cl, struct
ubus_msg_buf *ub,
return UBUS_STATUS_PERMISSION_DENIED;
if (!strcmp(method, "add")) {
- ubusd_monitor_connect(cl, ub);
- return 0;
+ if (!ubusd_monitor_connect(cl, ub))
+ return UBUS_STATUS_UNKNOWN_ERROR;
+
+ return UBUS_STATUS_OK;
}
if (!strcmp(method, "remove")) {
ubusd_monitor_disconnect(cl);
- return 0;
+ return UBUS_STATUS_OK;
}
return UBUS_STATUS_METHOD_NOT_FOUND;
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 08/16] refactor ubusd.c into reusable ubusd_library
In order to allow reusability in unit testing & fuzzing.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt | 5 +-
libubus-internal.h | 1 +
libubus-io.c | 2 +-
ubusd.c| 269 +---
ubusd.h| 1 +
ubusd_main.c | 271 +
6 files changed, 278 insertions(+), 271 deletions(-)
create mode 100644 ubusd_main.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 866b3ab60168..dc6e42847086 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -41,8 +41,9 @@ TARGET_LINK_LIBRARIES(ubus ${ubox_library})
find_library(json NAMES json-c json)
-ADD_EXECUTABLE(ubusd ubusd.c ubusd_id.c ubusd_obj.c ubusd_proto.c
ubusd_event.c ubusd_acl.c ubusd_monitor.c)
-TARGET_LINK_LIBRARIES(ubusd ${ubox_library} ${blob_library} ${json})
+ADD_LIBRARY(ubusd_library STATIC ubusd.c ubusd_proto.c ubusd_id.c ubusd_obj.c
ubusd_event.c ubusd_acl.c ubusd_monitor.c)
+ADD_EXECUTABLE(ubusd ubusd_main.c)
+TARGET_LINK_LIBRARIES(ubusd ubusd_library ${ubox_library} ${blob_library}
${json})
ADD_EXECUTABLE(cli cli.c)
SET_TARGET_PROPERTIES(cli PROPERTIES OUTPUT_NAME ubus)
diff --git a/libubus-internal.h b/libubus-internal.h
index c4067d343817..8cf99b3bc6b1 100644
--- a/libubus-internal.h
+++ b/libubus-internal.h
@@ -18,6 +18,7 @@ extern struct blob_buf b;
extern const struct ubus_method watch_method;
struct blob_attr **ubus_parse_msg(struct blob_attr *msg);
+bool ubus_validate_hdr(struct ubus_msghdr *hdr);
void ubus_handle_data(struct uloop_fd *u, unsigned int events);
int ubus_send_msg(struct ubus_context *ctx, uint32_t seq,
struct blob_attr *msg, int cmd, uint32_t peer, int fd);
diff --git a/libubus-io.c b/libubus-io.c
index 120fb605e90a..81c1cd1309b1 100644
--- a/libubus-io.c
+++ b/libubus-io.c
@@ -215,7 +215,7 @@ static int recv_retry(struct ubus_context *ctx, struct
iovec *iov, bool wait, in
return total;
}
-static bool ubus_validate_hdr(struct ubus_msghdr *hdr)
+bool ubus_validate_hdr(struct ubus_msghdr *hdr)
{
struct blob_attr *data = (struct blob_attr *) (hdr + 1);
diff --git a/ubusd.c b/ubusd.c
index c020ff416a32..0d43977c0bde 100644
--- a/ubusd.c
+++ b/ubusd.c
@@ -12,21 +12,9 @@
*/
#include
-#include
-#include
#ifdef FreeBSD
#include
#endif
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
#include "ubusd.h"
@@ -92,7 +80,7 @@ void ubus_msg_free(struct ubus_msg_buf *ub)
}
}
-static ssize_t ubus_msg_writev(int fd, struct ubus_msg_buf *ub, size_t offset)
+ssize_t ubus_msg_writev(int fd, struct ubus_msg_buf *ub, size_t offset)
{
static struct iovec iov[2];
static struct {
@@ -177,258 +165,3 @@ void ubus_msg_send(struct ubus_client *cl, struct
ubus_msg_buf *ub)
}
ubus_msg_enqueue(cl, ub);
}
-
-static struct ubus_msg_buf *ubus_msg_head(struct ubus_client *cl)
-{
- return cl->tx_queue[cl->txq_cur];
-}
-
-static void ubus_msg_dequeue(struct ubus_client *cl)
-{
- struct ubus_msg_buf *ub = ubus_msg_head(cl);
-
- if (!ub)
- return;
-
- ubus_msg_free(ub);
- cl->txq_ofs = 0;
- cl->tx_queue[cl->txq_cur] = NULL;
- cl->txq_cur = (cl->txq_cur + 1) % ARRAY_SIZE(cl->tx_queue);
-}
-
-static void handle_client_disconnect(struct ubus_client *cl)
-{
- while (ubus_msg_head(cl))
- ubus_msg_dequeue(cl);
-
- ubusd_monitor_disconnect(cl);
- ubusd_proto_free_client(cl);
- if (cl->pending_msg_fd >= 0)
- close(cl->pending_msg_fd);
- uloop_fd_delete(>sock);
- close(cl->sock.fd);
- free(cl);
-}
-
-static void client_cb(struct uloop_fd *sock, unsigned int events)
-{
- struct ubus_client *cl = container_of(sock, struct ubus_client, sock);
- struct ubus_msg_buf *ub;
- static struct iovec iov;
- static struct {
- int fd;
- struct cmsghdr h;
- } fd_buf = {
- .h = {
- .cmsg_type = SCM_RIGHTS,
- .cmsg_level = SOL_SOCKET,
- .cmsg_len = sizeof(fd_buf),
- }
- };
- struct msghdr msghdr = {
- .msg_iov = ,
- .msg_iovlen = 1,
- };
-
- /* first try to tx more pending data */
- while ((ub = ubus_msg_head(cl))) {
- ssize_t written;
-
- written = ubus_msg_writev(sock->fd, ub, cl->txq_ofs);
- if (written < 0) {
- switch(errno) {
- case EINTR:
- case EAGAIN:
- break;
- default:
- goto disconnect;
- }
- break;
- }
-
- cl->txq_ofs += written;
- if (cl->txq_ofs < ub->len + sizeof(ub->hdr))
-
[OpenWrt-Devel] [PATCH ubus 10/16] lua: workaround false positive dereference of null pointer
scan-build from clang-9 has reported following:
ubus.c:837:16: warning: Access to field 'rnotify' results in a dereference of
a null pointer (loaded from variable 'sub')
sub->rnotify = luaL_ref(L, -2);
Which is false positive as the lua_error() does a long jump and
therefore never returns and this long jump probably confuses the static
analyzer. So this patch workarounds this false positive by helping
static analyzer by using common Lua idiom which is to return
lua_error()'s return value.
Ref: https://www.lua.org/manual/5.1/manual.html#lua_error
Addresses-Coverity-ID: 1412355 ("Dereference after null check")
Signed-off-by: Petr Štetiar
---
lua/ubus.c | 19 ++-
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/lua/ubus.c b/lua/ubus.c
index 6fbbc0686af3..fb50418d27b0 100644
--- a/lua/ubus.c
+++ b/lua/ubus.c
@@ -557,8 +557,7 @@ static int ubus_lua_add(lua_State *L)
/* verify top level object */
if (lua_istable(L, 1)) {
lua_pushstring(L, "you need to pass a table");
- lua_error(L);
- return 0;
+ return lua_error(L);
}
/* scan each object */
@@ -598,7 +597,7 @@ ubus_lua_notify( lua_State *L )
if( !lua_islightuserdata( L, 2 ) ){
lua_pushfstring( L, "Invald 2nd parameter, expected ubus obj
ref" );
- lua_error( L );
+ return lua_error( L );
}
obj = lua_touserdata( L, 2 );
@@ -606,7 +605,7 @@ ubus_lua_notify( lua_State *L )
blob_buf_init(>buf, 0);
if( !ubus_lua_format_blob_array( L, >buf, true ) ){
lua_pushfstring( L, "Invalid 4th parameter, expected table of
arguments" );
- lua_error( L );
+ return lua_error( L );
}
ubus_notify( c->ctx, obj, method, c->buf.head, -1 );
@@ -812,7 +811,7 @@ ubus_sub_notify_handler(struct ubus_context *ctx, struct
ubus_object *obj,
-static void
+static int
ubus_lua_do_subscribe( struct ubus_context *ctx, lua_State *L, const char*
target,
int idxnotify, int idxremove )
{
@@ -822,13 +821,13 @@ ubus_lua_do_subscribe( struct ubus_context *ctx,
lua_State *L, const char* targe
if( ( status = ubus_lookup_id( ctx, target, ) ) ){
lua_pushfstring( L, "Unable find target, status=%d", status );
- lua_error( L );
+ return lua_error( L );
}
sub = calloc( 1, sizeof( struct ubus_lua_subscriber ) );
if( !sub ){
lua_pushstring( L, "Out of memory" );
- lua_error( L );
+ return lua_error( L );
}
if( idxnotify ){
@@ -849,13 +848,15 @@ ubus_lua_do_subscribe( struct ubus_context *ctx,
lua_State *L, const char* targe
if( ( status = ubus_register_subscriber( ctx, >s ) ) ){
lua_pushfstring( L, "Failed to register subscriber, status=%d",
status );
- lua_error( L );
+ return lua_error( L );
}
if( ( status = ubus_subscribe( ctx, >s, id) ) ){
lua_pushfstring( L, "Failed to register subscriber, status=%d",
status );
- lua_error( L );
+ return lua_error( L );
}
+
+ return 0;
}
static int
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 06/16] add initial GitLab CI support
Uses currently proof-of-concept openwrt-ci[1] in order to: * improve the quality of the codebase in various areas * decrease code review time and help merging contributions faster * get automagic feedback loop on various platforms and tools - out of tree build with OpenWrt SDK on following targets: * ath79-generic * imx6-generic * malta-be * mvebu-cortexa53 - out of tree native build on x86/64 with GCC (versions 7, 8, 9) and Clang 10 - out of tree native x86/64 static code analysis with cppcheck and scan-build from Clang 9 1. https://gitlab.com/ynezz/openwrt-ci/ Signed-off-by: Petr Štetiar --- .gitlab-ci.yml | 7 +++ 1 file changed, 7 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index ..1b4d5a795865 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,7 @@ +variables: + CI_TARGET_BUILD_DEPENDS: ubus + CI_CMAKE_EXTRA_BUILD_ARGS: -DLUAPATH=/usr/lib/lua + +include: + - remote: https://gitlab.com/ynezz/openwrt-ci/raw/master/openwrt-ci/gitlab/main.yml + - remote: https://gitlab.com/ynezz/openwrt-ci/raw/master/openwrt-ci/gitlab/pipeline.yml ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 11/16] lua: ubus_lua_do_subscribe: fix copy error
Fix copy error in Lua ubus subscriber removal callback.
Addresses-Coverity-ID: 1412311 ("Copy-paste error")
Signed-off-by: Petr Štetiar
---
lua/ubus.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lua/ubus.c b/lua/ubus.c
index fb50418d27b0..86dcc5007b3a 100644
--- a/lua/ubus.c
+++ b/lua/ubus.c
@@ -840,8 +840,8 @@ ubus_lua_do_subscribe( struct ubus_context *ctx, lua_State
*L, const char* targe
if( idxremove ){
lua_getglobal(L, "__ubus_cb_subscribe");
- lua_pushvalue(L, idxnotify);
- sub->rnotify = luaL_ref(L, -2);
+ lua_pushvalue(L, idxremove);
+ sub->rremove = luaL_ref(L, -2);
lua_pop(L, 1);
sub->s.remove_cb = ubus_sub_remove_handler;
}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 07/16] examples: remove dead increments
Fixes following error reported by clang-9 analyzer: examples/server.c:244:2: warning: Value stored to 'argc' is never read argc -= optind; ^ ~~ examples/server.c:245:2: warning: Value stored to 'argv' is never read argv += optind; ^ ~~ Signed-off-by: Petr Štetiar --- examples/client.c | 3 --- examples/server.c | 3 --- 2 files changed, 6 deletions(-) diff --git a/examples/client.c b/examples/client.c index 7ef566347e54..aae09f480af4 100644 --- a/examples/client.c +++ b/examples/client.c @@ -220,9 +220,6 @@ int main(int argc, char **argv) } } - argc -= optind; - argv += optind; - uloop_init(); ctx = ubus_connect(ubus_socket); diff --git a/examples/server.c b/examples/server.c index 004eaf3a7ae1..0913fff0d016 100644 --- a/examples/server.c +++ b/examples/server.c @@ -241,9 +241,6 @@ int main(int argc, char **argv) } } - argc -= optind; - argv += optind; - uloop_init(); signal(SIGPIPE, SIG_IGN); ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 03/16] ubusd/libubus-io: fix variable sized struct position warning
Fixes following clang-9 compiler warnings:
ubusd.c:99:18: error: field 'h' with variable sized type 'struct cmsghdr' not
at the end of a struct or class is a GNU extension
[-Werror,-Wgnu-variable-sized-type-not-at-end]
struct cmsghdr h;
^
Signed-off-by: Petr Štetiar
---
libubus-io.c | 4 ++--
ubusd.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/libubus-io.c b/libubus-io.c
index 228af5ca279c..cdd1e6e1ed6a 100644
--- a/libubus-io.c
+++ b/libubus-io.c
@@ -60,8 +60,8 @@ static void wait_data(int fd, bool write)
static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
{
static struct {
- struct cmsghdr h;
int fd;
+ struct cmsghdr h;
} fd_buf = {
.h = {
.cmsg_len = sizeof(fd_buf),
@@ -159,8 +159,8 @@ static int recv_retry(struct ubus_context *ctx, struct
iovec *iov, bool wait, in
int bytes, total = 0;
int fd = ctx->sock.fd;
static struct {
- struct cmsghdr h;
int fd;
+ struct cmsghdr h;
} fd_buf = {
.h = {
.cmsg_type = SCM_RIGHTS,
diff --git a/ubusd.c b/ubusd.c
index 7738f50f9779..d6a72e73370b 100644
--- a/ubusd.c
+++ b/ubusd.c
@@ -96,8 +96,8 @@ static int ubus_msg_writev(int fd, struct ubus_msg_buf *ub,
int offset)
{
static struct iovec iov[2];
static struct {
- struct cmsghdr h;
int fd;
+ struct cmsghdr h;
} fd_buf = {
.h = {
.cmsg_len = sizeof(fd_buf),
@@ -216,8 +216,8 @@ static void client_cb(struct uloop_fd *sock, unsigned int
events)
struct ubus_msg_buf *ub;
static struct iovec iov;
static struct {
- struct cmsghdr h;
int fd;
+ struct cmsghdr h;
} fd_buf = {
.h = {
.cmsg_type = SCM_RIGHTS,
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 05/16] libubus: fix incompatible pointer types assigment
Fixes following error reported by clang-9 analyzer: libubus.c:286:19: error: incompatible pointer types assigning to 'struct blob_attr *' from 'char *' [-Werror,-Wincompatible-pointer-types] ctx->msgbuf.data = (char *) calloc(UBUS_MSG_CHUNK_SIZE, sizeof(char)); Result of 'calloc' is converted to a pointer of type 'struct blob_attr', which is incompatible with sizeof operand type 'char'. Signed-off-by: Petr Štetiar --- libubus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libubus.c b/libubus.c index 260e40f2f44b..846ae83bcc12 100644 --- a/libubus.c +++ b/libubus.c @@ -283,7 +283,7 @@ int ubus_connect_ctx(struct ubus_context *ctx, const char *path) ctx->connection_lost = ubus_default_connection_lost; ctx->pending_timer.cb = ubus_process_pending_msg; - ctx->msgbuf.data = calloc(UBUS_MSG_CHUNK_SIZE, sizeof(char)); + ctx->msgbuf.data = calloc(1, UBUS_MSG_CHUNK_SIZE); if (!ctx->msgbuf.data) return -1; ctx->msgbuf_data_len = UBUS_MSG_CHUNK_SIZE; ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 04/16] iron out all extra compiler warnings
clang-9 on x86/64 has reported following warnings/errors:
libubus-acl.c:123:2: error: comparison of integers of different signs:
'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
libubus-io.c:108:18: error: comparison of integers of different signs: 'int'
and 'size_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
libubus-io.c:395:56: error: comparison of integers of different signs:
'ssize_t' (aka 'long') and 'size_t' (aka 'unsigned long')
[-Werror,-Wsign-compare]
libubus-req.c:441:4: error: comparison of integers of different signs:
'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:119:18: error: comparison of integers of different signs: 'int'
and 'unsigned long' [-Werror,-Wsign-compare]
ubusd_acl.c:152:5: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:348:3: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:352:3: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:357:3: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:362:3: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:367:3: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
ubusd_acl.c:447:16: error: comparison of integers of different signs: 'int'
and '__size_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ubusd_acl.c:502:18: error: comparison of integers of different signs: 'int'
and 'unsigned long' [-Werror,-Wsign-compare]
ubusd.c:123:13: error: comparison of integers of different signs: 'int' and
'unsigned long' [-Werror,-Wsign-compare]
ubusd.c:170:15: error: comparison of integers of different signs: 'int' and
'unsigned long' [-Werror,-Wsign-compare]
ubusd.c:262:43: error: comparison of integers of different signs: 'int' and
'unsigned long' [-Werror,-Wsign-compare]
ubusd.c:287:30: error: comparison of integers of different signs: 'int' and
'unsigned long' [-Werror,-Wsign-compare]
ubusd_event.c:170:18: error: comparison of integers of different signs: 'int'
and 'unsigned long' [-Werror,-Wsign-compare]
ubusd_obj.c:71:2: error: comparison of integers of different signs: 'size_t'
(aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
Signed-off-by: Petr Štetiar
---
cli.c | 11 ++-
examples/server.c | 7 ---
libubus-acl.c | 2 +-
libubus-io.c | 6 +++---
libubus-req.c | 3 ++-
lua/ubus.c| 4 ++--
ubusd.c | 14 +++---
ubusd_acl.c | 10 +-
ubusd_event.c | 2 +-
ubusd_obj.c | 2 +-
10 files changed, 32 insertions(+), 29 deletions(-)
diff --git a/cli.c b/cli.c
index 19ccbb5093ce..421f244ad9dc 100644
--- a/cli.c
+++ b/cli.c
@@ -47,7 +47,7 @@ static const char *format_type(void *priv, struct blob_attr
*attr)
[BLOBMSG_TYPE_TABLE] = "\"Table\"",
};
const char *type = NULL;
- int typeid;
+ size_t typeid;
if (blob_id(attr) != BLOBMSG_TYPE_INT32)
return NULL;
@@ -65,7 +65,7 @@ static void receive_list_result(struct ubus_context *ctx,
struct ubus_object_dat
{
struct blob_attr *cur;
char *s;
- int rem;
+ size_t rem;
if (simple_output || !verbose) {
printf("%s\n", obj->path);
@@ -520,7 +520,7 @@ static int ubus_cli_monitor(struct ubus_context *ctx, int
argc, char **argv)
static int add_monitor_type(const char *type)
{
- int i;
+ size_t i;
for (i = 0; i < ARRAY_SIZE(monitor_types); i++) {
if (!monitor_types[i] || strcmp(monitor_types[i], type) != 0)
@@ -575,9 +575,10 @@ int main(int argc, char **argv)
{
const char *progname, *ubus_socket = NULL;
struct ubus_context *ctx;
- char *cmd;
int ret = 0;
- int i, ch;
+ char *cmd;
+ size_t i;
+ int ch;
progname = argv[0];
diff --git a/examples/server.c b/examples/server.c
index e0cde0bf3a86..004eaf3a7ae1 100644
--- a/examples/server.c
+++ b/examples/server.c
@@ -84,7 +84,7 @@ static int test_hello(struct ubus_context *ctx, struct
ubus_object *obj,
{
struct hello_request *hreq;
struct blob_attr *tb[__HELLO_MAX];
- const char *format = "%s received a message: %s";
+ const char format[] = "%s received a message: %s";
const char *msgstr = "(unknown)";
blobmsg_parse(hello_policy, ARRAY_SIZE(hello_policy), tb,
blob_data(msg), blob_len(msg));
@@ -92,11 +92,12 @@ static int test_hello(struct ubus_context *ctx, struct
ubus_object *obj,
if (tb[HELLO_MSG])
msgstr =
[OpenWrt-Devel] [PATCH ubus 00/16] GitLab CI, tests, fuzzing, fixes and improvements
Hi,
this patch series adds GitLab CI support, unit tests passed through Valgrind,
unit tests covered with Clang's {Address,Leak,UndefinedBehavior}Sanitizer,
fuzzing with libFuzzer and bunch of fixes uncovered by Coverity and this new
CI test suite.
Petr Štetiar (16):
cmake: enable extra compiler checks
ubusd: fix comparison of integers of different signs
ubusd/libubus-io: fix variable sized struct position warning
iron out all extra compiler warnings
libubus: fix incompatible pointer types assigment
add initial GitLab CI support
examples: remove dead increments
refactor ubusd.c into reusable ubusd_library
add fuzzer and cram based unit tests
lua: workaround false positive dereference of null pointer
lua: ubus_lua_do_subscribe: fix copy error
workaround possibly false positive uses of memory after it is freed
ubus_common: remove duplicate ARRAY_SIZE and add missing include
ubusd_monitor: fix possible null pointer dereference
ubus_monitor: workaround possibly false positive uses of memory after
it is freed
fix blob parsing vulnerability by using blob_parse_untrusted
.gitlab-ci.yml| 7 +
CMakeLists.txt| 29 +-
cli.c | 13 +-
examples/client.c | 3 -
examples/server.c | 10 +-
libubus-acl.c | 2 +-
libubus-internal.h| 3 +-
libubus-io.c | 16 +-
libubus-obj.c | 6 +-
libubus-req.c | 15 +-
libubus.c | 14 +-
lua/ubus.c| 27 +-
tests/CMakeLists.txt | 18 ++
tests/cram/CMakeLists.txt | 22 ++
tests/cram/test_ubus.t| 58
tests/cram/test_ubusd.t | 24 ++
tests/fuzz/CMakeLists.txt | 18 ++
.../05fe405753166f125559e7c9ac558654f107c7e9 | Bin 0 -> 8 bytes
.../0660e49c13f6d167a8298d885f724bad8f62fc35 | Bin 0 -> 8 bytes
.../37dadeab8d8ce7611f230f9524c1e8ab751c4a6a | Bin 0 -> 8 bytes
.../71520a5c4b5ca73903216857abbad54a8002d44a | Bin 0 -> 2 bytes
.../73c72a4d2bd1cd31b0b44256a888feec9eaaba27 | Bin 0 -> 9 bytes
.../8db068f76b98df8730f5308b12c793fdf04c47c2 | Bin 0 -> 8 bytes
.../c1dfd96eea8cc2b62785275bca38ac261256e278 | 1 +
.../c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 | Bin 0 -> 3 bytes
...h-1b8fb1be45db3aff7699100f497fb74138f3df4f | Bin 0 -> 6 bytes
...h-4c4d2c3c9ade5da9347534e290305c3b9760f627 | Bin 0 -> 17 bytes
...h-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b | Bin 0 -> 86 bytes
...h-75b146c4e6fac64d3e62236b27c64b50657bab2a | Bin 0 -> 4 bytes
...h-813f3e68661da09c26d4a87dbb9d5099e92be50f | Bin 0 -> 36 bytes
...h-98595faa58ba01d85ba4fd0b109cd3d490b45795 | Bin 0 -> 6 bytes
...h-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 | 1 +
...h-df9d1243057b27bbad6211e5a23d1cb699028aa2 | Bin 0 -> 16 bytes
...h-e2fd5ecb3b37926743256f1083f47a07c39e10c2 | Bin 0 -> 66 bytes
.../e2814b29dd2fd5db02b1ab7c5e147e1194a489ce | Bin 0 -> 8 bytes
tests/fuzz/corpus/valid-blobmsg.bin | Bin 0 -> 176 bytes
tests/fuzz/test-fuzz.c| 40 +++
ubus_common.h | 6 +-
ubusd.c | 285 +-
ubusd.h | 3 +-
ubusd_acl.c | 12 +-
ubusd_event.c | 7 +-
ubusd_main.c | 271 +
ubusd_monitor.c | 42 ++-
ubusd_obj.c | 7 +-
ubusd_proto.c | 12 +-
46 files changed, 603 insertions(+), 369 deletions(-)
create mode 100644 .gitlab-ci.yml
create mode 100644 tests/CMakeLists.txt
create mode 100644 tests/cram/CMakeLists.txt
create mode 100644 tests/cram/test_ubus.t
create mode 100644 tests/cram/test_ubusd.t
create mode 100644 tests/fuzz/CMakeLists.txt
create mode 100644 tests/fuzz/corpus/05fe405753166f125559e7c9ac558654f107c7e9
create mode 100644 tests/fuzz/corpus/0660e49c13f6d167a8298d885f724bad8f62fc35
create mode 100644 tests/fuzz/corpus/37dadeab8d8ce7611f230f9524c1e8ab751c4a6a
create mode 100644 tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
create mode 100644 tests/fuzz/corpus/73c72a4d2bd1cd31b0b44256a888feec9eaaba27
create mode 100644 tests/fuzz/corpus/8db068f76b98df8730f5308b12c793fdf04c47c2
create mode 100644 tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
create mode 100644 tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
create mode 100644
tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
create mode 100644
[OpenWrt-Devel] [PATCH ubus 01/16] cmake: enable extra compiler checks
Let's enforce additional automatic checks enforced by the compiler in order to catch possible errors during compilation. Signed-off-by: Petr Štetiar --- CMakeLists.txt | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f8ef4aa58ccf..866b3ab60168 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,7 +1,13 @@ cmake_minimum_required(VERSION 2.6) PROJECT(ubus C) -ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations) + +ADD_DEFINITIONS(-Wall -Werror) +IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6) + ADD_DEFINITIONS(-Wextra -Werror=implicit-function-declaration) + ADD_DEFINITIONS(-Wformat -Werror=format-security -Werror=format-nonliteral) +ENDIF() +ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) OPTION(BUILD_LUA "build Lua plugin" ON) OPTION(BUILD_EXAMPLES "build examples" ON) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ubus 02/16] ubusd: fix comparison of integers of different signs
Fixes following clang-9 compiler warning:
ubusd.c:36:19: error: comparison of integers of different signs: 'uint32_t'
(aka 'unsigned int') and 'int' [-Werror,-Wsign-compare]
if (ub->refcount == ~0) {
^ ~~
Signed-off-by: Petr Štetiar
---
ubusd.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/ubusd.c b/ubusd.c
index 0f35d3e25d34..7738f50f9779 100644
--- a/ubusd.c
+++ b/ubusd.c
@@ -30,10 +30,12 @@
#include "ubusd.h"
+#define USES_EXTERNAL_BUFFER ~0U
+
static struct ubus_msg_buf *ubus_msg_ref(struct ubus_msg_buf *ub)
{
struct ubus_msg_buf *new_ub;
- if (ub->refcount == ~0) {
+ if (ub->refcount == USES_EXTERNAL_BUFFER) {
new_ub = ubus_msg_new(ub->data, ub->len, false);
if (!new_ub)
return NULL;
@@ -61,7 +63,7 @@ struct ubus_msg_buf *ubus_msg_new(void *data, int len, bool
shared)
ub->fd = -1;
if (shared) {
- ub->refcount = ~0;
+ ub->refcount = USES_EXTERNAL_BUFFER;
ub->data = data;
} else {
ub->refcount = 1;
@@ -78,7 +80,7 @@ void ubus_msg_free(struct ubus_msg_buf *ub)
{
switch (ub->refcount) {
case 1:
- case ~0:
+ case USES_EXTERNAL_BUFFER:
if (ub->fd >= 0)
close(ub->fd);
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 7/9] fix possibly garbage value returned in cert_process_revoker
Fixes following warning reported by clang-9 scan-build analyzer:
ucert.c:585:2: warning: Undefined or garbage value returned to caller
return ret;
^~
Signed-off-by: Petr Štetiar
---
ucert.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ucert.c b/ucert.c
index 8503eeb26cd8..b9c5c889ddfa 100644
--- a/ucert.c
+++ b/ucert.c
@@ -508,7 +508,7 @@ static int cert_process_revoker(const char *certfile, const
char *pubkeydir) {
char *fingerprint;
char rfname[512];
- int ret;
+ int ret = -1;
if (cert_load(certfile, )) {
DPRINTF("cannot parse cert\n");
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 9/9] fix certificate blob parsing vulnerability by using blob_parse_untrusted
blob_parse expects blobs from trusted inputs, but in this case it can be
supplied with possibly malicious certificates from untrusted inputs as
well, so in order to prevent such conditions, switch to
blob_parse_untrusted which should hopefully handle such inputs
appropriately.
Signed-off-by: Petr Štetiar
---
ucert.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ucert.c b/ucert.c
index 76960a200be0..d822199eb7f8 100644
--- a/ucert.c
+++ b/ucert.c
@@ -154,7 +154,7 @@ static int cert_load(const char *certfile, struct list_head
*chain) {
bufpt = (struct blob_attr *)filebuf;
do {
- pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
+ pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy,
CERT_ATTR_MAX);
if (pret <= 0)
/* no attributes found */
break;
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 8/9] fix leaking memory in cert_dump_blob
Fixes following valgrind reported memory leak:
189 bytes in 1 blocks are definitely lost in loss record 3 of 4
at realloc
by blobmsg_format_json_with_cb
by blobmsg_format_json_indent
by cert_dump_blob (ucert.c:386)
by cert_dump (ucert.c:405)
by main (ucert.c:728)
Signed-off-by: Petr Štetiar
---
ucert.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/ucert.c b/ucert.c
index b9c5c889ddfa..76960a200be0 100644
--- a/ucert.c
+++ b/ucert.c
@@ -371,6 +371,7 @@ clean_and_return:
/* dump single chain element to console */
static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
int i;
+ char *json = NULL;
for (i = 0; i < CERT_ATTR_MAX; i++) {
struct blob_attr *v = cert[i];
@@ -383,7 +384,13 @@ static void cert_dump_blob(struct blob_attr
*cert[CERT_ATTR_MAX]) {
fprintf(stdout, "signature:\n---\n%s---\n", (char *)
blob_data(v));
break;
case BLOB_ATTR_NESTED:
- fprintf(stdout, "payload:\n---\n%s\n---\n",
blobmsg_format_json_indent(blob_data(v), false, 0));
+ json = blobmsg_format_json_indent(blob_data(v), false,
0);
+ if (!json) {
+ DPRINTF("cannot parse payload\n");
+ continue;
+ }
+ fprintf(stdout, "payload:\n---\n%s\n---\n", json);
+ free(json);
break;
}
}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 6/9] add cram based unit tests
For improved QA etc. for the start with initial test case for dump
command.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt| 14 +++
tests/CMakeLists.txt | 14 +++
tests/cram/CMakeLists.txt | 21 ++
tests/cram/inputs/invalid.ucert | Bin 0 -> 362 bytes
tests/cram/inputs/key-build.ucert | Bin 0 -> 356 bytes
tests/cram/test_ucert.t | 65 ++
6 files changed, 114 insertions(+)
create mode 100644 tests/CMakeLists.txt
create mode 100644 tests/cram/CMakeLists.txt
create mode 100644 tests/cram/inputs/invalid.ucert
create mode 100644 tests/cram/inputs/key-build.ucert
create mode 100644 tests/cram/test_ucert.t
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 443d79bd4e8b..71c005990335 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -19,6 +19,14 @@ FIND_LIBRARY(ubox NAMES ubox)
FIND_LIBRARY(blobmsg_json NAMES blobmsg_json)
FIND_LIBRARY(json NAMES json-c json)
+MACRO(ADD_UNIT_TEST_SAN name)
+ ADD_EXECUTABLE(${name}-san ${name}.c)
+ TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer
-fsanitize=undefined,address,leak -fno-sanitize-recover=all)
+ TARGET_LINK_OPTIONS(${name}-san PRIVATE
-fsanitize=undefined,address,leak)
+ TARGET_LINK_LIBRARIES(${name}-san ucert_lib ${ubox} ${blobmsg_json}
${json})
+ TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR})
+ENDMACRO(ADD_UNIT_TEST_SAN)
+
IF(UCERT_HOST_BUILD)
ADD_DEFINITIONS(-DUCERT_HOST_BUILD)
ENDIF()
@@ -39,4 +47,10 @@ ELSE()
TARGET_LINK_LIBRARIES(ucert ucert_lib ${ubox})
ENDIF()
+IF(UNIT_TESTING)
+ ENABLE_TESTING()
+ ADD_SUBDIRECTORY(tests)
+ ADD_UNIT_TEST_SAN(ucert)
+ENDIF()
+
INSTALL(TARGETS ucert RUNTIME DESTINATION bin)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
new file mode 100644
index ..efefc2e6cde7
--- /dev/null
+++ b/tests/CMakeLists.txt
@@ -0,0 +1,14 @@
+ADD_SUBDIRECTORY(cram)
+
+MACRO(ADD_UNIT_TEST name)
+ ADD_EXECUTABLE(${name} ${name}.c)
+ TARGET_LINK_LIBRARIES(${name} ubox blobmsg_json ${json})
+ TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR})
+ENDMACRO(ADD_UNIT_TEST)
+
+FILE(GLOB test_cases "test-*.c")
+FOREACH(test_case ${test_cases})
+ GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
+ ADD_UNIT_TEST(${test_case})
+ ADD_UNIT_TEST_SAN(${test_case})
+ENDFOREACH(test_case)
diff --git a/tests/cram/CMakeLists.txt b/tests/cram/CMakeLists.txt
new file mode 100644
index ..47247aa026a6
--- /dev/null
+++ b/tests/cram/CMakeLists.txt
@@ -0,0 +1,21 @@
+FIND_PACKAGE(PythonInterp 3 REQUIRED)
+FILE(GLOB test_cases "test_*.t")
+
+SET(PYTHON_VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/.venv")
+SET(PYTHON_VENV_PIP "${PYTHON_VENV_DIR}/bin/pip")
+SET(PYTHON_VENV_CRAM "${PYTHON_VENV_DIR}/bin/cram")
+
+ADD_CUSTOM_COMMAND(
+ OUTPUT ${PYTHON_VENV_CRAM}
+ COMMAND ${PYTHON_EXECUTABLE} -m venv ${PYTHON_VENV_DIR}
+ COMMAND ${PYTHON_VENV_PIP} install cram
+)
+ADD_CUSTOM_TARGET(prepare-cram-venv ALL DEPENDS ${PYTHON_VENV_CRAM})
+
+ADD_TEST(
+ NAME cram
+ COMMAND ${PYTHON_VENV_CRAM} ${test_cases}
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+)
+
+SET_PROPERTY(TEST cram APPEND PROPERTY ENVIRONMENT
"TEST_BIN_DIR=$")
diff --git a/tests/cram/inputs/invalid.ucert b/tests/cram/inputs/invalid.ucert
new file mode 100644
index
..dbdeb725d490b51fb442ae3c5a5b90a32376f108
GIT binary patch
literal 362
zcmZwDyHbNt5P;!Lp`+9mmXtaa8pj0Uj74IIQG^6@K{AdraLxfvJmkVPPw-31Uf?$C_TsUrr8PYjbt&|wj_P)<(Qp~$*0OhO
zXW{fp_l6esQJNUkNV+UjQQEv4(A7!H#E$FbN4eLYChq8*g9^aM6Tmxc#fStEyaMdO
z%cp1t~8t0WSdiu$x$nVkemUn|OclmH&3KTF`)mRcW&
zjx5I8F=cqI|BJ0B6vY_z0WNxQ
Amp~XIs#+bmp7r6D(2X7dCdj<@`gJN|wF2w-=WI2*4D{^NeTL^k7{gfd*&
r|CMc|6e)FzOyAO7W!fBSQm3h@6O{>;uBdHch+F1Ww
+ Commands:
+-A:\t\t\tappend signature (needs -c and -x) (esc)
+-D:\t\t\tdump (needs -c) (esc)
+-I:\t\t\tissue cert and revoker (needs -c and -p and -s) (esc)
+-R:\t\t\tprocess revoker certificate (needs -c and -P) (esc)
+-V:\t\t\tverify (needs -c and -p|-P, may have -m) (esc)
+ Options:
+-c :\t\tcertificate file (esc)
+-m :\t\tmessage file (verify only) (esc)
+-p :\t\tpublic key file (esc)
+-P :\t\tpublic key directory (verify only) (esc)
+-q:\t\t\tquiet (do not print verification result, use return code only)
(esc)
+-s :\t\tsecret key file (issue only) (esc)
+-x :\t\tsignature file (append only) (esc)
+
+ [1]
+
+ $ ucert -D -c $TEST_INPUTS/key-build.ucert
+ === CHAIN ELEMENT 01 ===
+ signature:
+ ---
+ untrusted comment: signed by key 84bfc88a17166577
+
RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU=
+ ---
+ payload:
+ ---
+ "ucert": {
+ \t"certtype": 1, (esc)
+ \t"validfrom": 1546188410, (esc)
+ \t"expiresat": 1577724410, (esc)
+ \t"pubkey": "untrusted comment: Local build
[OpenWrt-Devel] [PATCH ucert 5/9] cmake: split usign bits into static library
So it could be reused easily in unit tests for example.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 78970d2632b5..443d79bd4e8b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -28,13 +28,15 @@ IF(USE_RPATH)
SET(CMAKE_MACOSX_RPATH 1)
ENDIF()
-ADD_EXECUTABLE(ucert ucert.c usign-exec.c)
+ADD_LIBRARY(ucert_lib STATIC usign-exec.c)
+ADD_EXECUTABLE(ucert ucert.c)
+
IF(UCERT_FULL)
ADD_DEFINITIONS(-DUCERT_FULL)
- TARGET_LINK_LIBRARIES(ucert ${ubox} ${blobmsg_json} ${json})
+ TARGET_LINK_LIBRARIES(ucert ucert_lib ${ubox} ${blobmsg_json} ${json})
ELSE()
ADD_DEFINITIONS(-DUCERT_STRIP_MESSAGES)
- TARGET_LINK_LIBRARIES(ucert ${ubox})
+ TARGET_LINK_LIBRARIES(ucert ucert_lib ${ubox})
ENDIF()
INSTALL(TARGETS ucert RUNTIME DESTINATION bin)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 2/9] add initial GitLab CI support
Uses currently proof-of-concept openwrt-ci[1] in order to: * improve the quality of the codebase in various areas * decrease code review time and help merging contributions faster * get automagic feedback loop on various platforms and tools - out of tree build with OpenWrt SDK on following targets: * ath79-generic * imx6-generic * malta-be * mvebu-cortexa53 - out of tree native build on x86/64 with GCC (versions 7, 8, 9) and Clang 10 - out of tree native x86/64 static code analysis with cppcheck and scan-build from Clang 10 1. https://gitlab.com/ynezz/openwrt-ci/ Signed-off-by: Petr Štetiar --- .gitlab-ci.yml | 6 ++ 1 file changed, 6 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index ..94f65e71b111 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,6 @@ +variables: + CI_TARGET_BUILD_DEPENDS: ucert + +include: + - remote: https://gitlab.com/ynezz/openwrt-ci/raw/master/openwrt-ci/gitlab/main.yml + - remote: https://gitlab.com/ynezz/openwrt-ci/raw/master/openwrt-ci/gitlab/pipeline.yml ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 3/9] cmake: enable hardening compiler flags and fix the reported issues
Lets enable some useful flags in order to spot possible issues during
QA on CI (GCC version 6 and higher). Fix warnings uncovered by this new
flags as reported by clang-9 on x86/64:
ucert.c:158:33: error: comparison of integers of different signs: 'unsigned
long' and 'int' [-Werror,-Wsign-compare]
ucert.c:176:14: error: comparison of integers of different signs: 'int' and
'unsigned long' [-Werror,-Wsign-compare]
ucert.c:314:18: error: comparison of integers of different signs: '__time_t'
(aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:315:18: error: comparison of integers of different signs: '__time_t'
(aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:557:17: error: comparison of integers of different signs: '__time_t'
(aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
Ref:
https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
Signed-off-by: Petr Štetiar
---
CMakeLists.txt | 8 +++-
ucert.c| 18 +++---
2 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 14888ac38135..436abc6857b3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,7 +1,13 @@
cmake_minimum_required(VERSION 2.6)
PROJECT(ucert C)
-ADD_DEFINITIONS(-Os -ggdb -Wall --std=gnu99 -Wmissing-declarations)
+
+ADD_DEFINITIONS(-Wall -Werror)
+IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6)
+ ADD_DEFINITIONS(-Wextra -Werror=implicit-function-declaration)
+ ADD_DEFINITIONS(-Wformat -Werror=format-security
-Werror=format-nonliteral)
+ENDIF()
+ADD_DEFINITIONS(-Os -std=gnu99 -ggdb -Wmissing-declarations
-Wno-unused-parameter)
SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
diff --git a/ucert.c b/ucert.c
index 569b31d5f16e..8503eeb26cd8 100644
--- a/ucert.c
+++ b/ucert.c
@@ -48,9 +48,13 @@ static enum {
static bool quiet;
#ifndef UCERT_STRIP_MESSAGES
-#define DPRINTF(format, ...) if (!quiet) fprintf(stderr, "%s(%d): " format,
__func__, __LINE__, ## __VA_ARGS__)
+#define DPRINTF(format, ...)
\
+ do {
\
+ if (!quiet)
\
+ fprintf(stderr, "%s(%d): " format, __func__, __LINE__,
## __VA_ARGS__); \
+ } while (0)
#else
-#define DPRINTF(format, ...)
+#define DPRINTF(format, ...) do { } while (0)
#endif
/*
@@ -133,7 +137,7 @@ static int cert_load(const char *certfile, struct list_head
*chain) {
struct cert_object *cobj;
char filebuf[CERT_BUF_LEN];
int ret = 0, pret = 0;
- int len, pos = 0;
+ size_t len, pos = 0;
f = fopen(certfile, "r");
if (!f)
@@ -269,8 +273,8 @@ static int chain_verify(const char *msgfile, const char
*pubkeyfile,
list_for_each_entry(cobj, chain, list) {
/* blob has payload, verify that using signature */
if (cobj->cert[CERT_ATTR_PAYLOAD]) {
- uint64_t validfrom;
- uint64_t expiresat;
+ time_t validfrom;
+ time_t expiresat;
uint32_t certtype;
ret = cert_verify_blob(cobj->cert,
chainedpubkey[0]?chainedpubkey:pubkeyfile, pubkeydir);
@@ -499,8 +503,8 @@ static int cert_process_revoker(const char *certfile, const
char *pubkeydir) {
struct blob_attr *payloadtb[CERT_PL_ATTR_MAX];
struct stat st;
struct timeval tv;
- uint64_t validfrom;
- uint32_t certtype;
+ time_t validfrom;
+ enum certtype_id certtype;
char *fingerprint;
char rfname[512];
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 4/9] cmake: reindent the file
In order to make the indentation consistent within the file.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 436abc6857b3..78970d2632b5 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -20,21 +20,21 @@ FIND_LIBRARY(blobmsg_json NAMES blobmsg_json)
FIND_LIBRARY(json NAMES json-c json)
IF(UCERT_HOST_BUILD)
-ADD_DEFINITIONS(-DUCERT_HOST_BUILD)
+ ADD_DEFINITIONS(-DUCERT_HOST_BUILD)
ENDIF()
IF(USE_RPATH)
-SET(CMAKE_INSTALL_RPATH "${USE_RPATH}")
-SET(CMAKE_MACOSX_RPATH 1)
+ SET(CMAKE_INSTALL_RPATH "${USE_RPATH}")
+ SET(CMAKE_MACOSX_RPATH 1)
ENDIF()
ADD_EXECUTABLE(ucert ucert.c usign-exec.c)
IF(UCERT_FULL)
-ADD_DEFINITIONS(-DUCERT_FULL)
-TARGET_LINK_LIBRARIES(ucert ${ubox} ${blobmsg_json} ${json})
+ ADD_DEFINITIONS(-DUCERT_FULL)
+ TARGET_LINK_LIBRARIES(ucert ${ubox} ${blobmsg_json} ${json})
ELSE()
-ADD_DEFINITIONS(-DUCERT_STRIP_MESSAGES)
-TARGET_LINK_LIBRARIES(ucert ${ubox})
+ ADD_DEFINITIONS(-DUCERT_STRIP_MESSAGES)
+ TARGET_LINK_LIBRARIES(ucert ${ubox})
ENDIF()
INSTALL(TARGETS ucert RUNTIME DESTINATION bin)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 1/9] cmake: add proper include and library dependencies
Otherwise it's not possible to compile it properly if the dependencies
are not installed in the standard include/libraries paths.
Signed-off-by: Petr Štetiar
---
CMakeLists.txt | 12 +---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4c81184caf82..14888ac38135 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,7 +5,13 @@ ADD_DEFINITIONS(-Os -ggdb -Wall --std=gnu99
-Wmissing-declarations)
SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
-find_library(json NAMES json-c json)
+FIND_PATH(ubox_include_dir NAMES libubox/usock.h)
+FIND_PATH(jsonc_include_dir NAMES json-c/json.h)
+INCLUDE_DIRECTORIES(${ubox_include_dir} ${jsonc_include_dir})
+
+FIND_LIBRARY(ubox NAMES ubox)
+FIND_LIBRARY(blobmsg_json NAMES blobmsg_json)
+FIND_LIBRARY(json NAMES json-c json)
IF(UCERT_HOST_BUILD)
ADD_DEFINITIONS(-DUCERT_HOST_BUILD)
@@ -19,10 +25,10 @@ ENDIF()
ADD_EXECUTABLE(ucert ucert.c usign-exec.c)
IF(UCERT_FULL)
ADD_DEFINITIONS(-DUCERT_FULL)
-TARGET_LINK_LIBRARIES(ucert ubox blobmsg_json ${json})
+TARGET_LINK_LIBRARIES(ucert ${ubox} ${blobmsg_json} ${json})
ELSE()
ADD_DEFINITIONS(-DUCERT_STRIP_MESSAGES)
-TARGET_LINK_LIBRARIES(ucert ubox)
+TARGET_LINK_LIBRARIES(ucert ${ubox})
ENDIF()
INSTALL(TARGETS ucert RUNTIME DESTINATION bin)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH ucert 0/9] GitLab CI, tests, fixes and improvements
Hi,
this patch series adds GitLab CI support, unit tests passed through Valgrind,
unit tests covered with Clang's {Address,Leak,UndefinedBehavior}Sanitizer and
few fixes uncovered by the new test suite.
Petr Štetiar (9):
cmake: add proper include and library dependencies
add initial GitLab CI support
cmake: enable hardening compiler flags and fix the reported issues
cmake: reindent the file
cmake: split usign bits into static library
add cram based unit tests
fix possibly garbage value returned in cert_process_revoker
fix leaking memory in cert_dump_blob
fix certificate blob parsing vulnerability by using blob_parse_untrusted
.gitlab-ci.yml| 6 +++
CMakeLists.txt| 48 +-
tests/CMakeLists.txt | 14 +++
tests/cram/CMakeLists.txt | 21 ++
tests/cram/inputs/invalid.ucert | Bin 0 -> 362 bytes
tests/cram/inputs/key-build.ucert | Bin 0 -> 356 bytes
tests/cram/test_ucert.t | 65 ++
ucert.c | 31 +-
8 files changed, 165 insertions(+), 20 deletions(-)
create mode 100644 .gitlab-ci.yml
create mode 100644 tests/CMakeLists.txt
create mode 100644 tests/cram/CMakeLists.txt
create mode 100644 tests/cram/inputs/invalid.ucert
create mode 100644 tests/cram/inputs/key-build.ucert
create mode 100644 tests/cram/test_ucert.t
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 16/20] Ensure blob_attr length check does not perform out of bounds reads
From: Tobias Schramm Before there might have been as little as one single byte left which would result in 3 bytes of blob_attr->id_len being out of bounds. Acked-by: Yousong Zhou Signed-off-by: Tobias Schramm [line wrapped < 72 chars] Signed-off-by: Petr Štetiar --- blob.h| 4 ++-- blobmsg.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/blob.h b/blob.h index af033607e309..6d618767b91a 100644 --- a/blob.h +++ b/blob.h @@ -243,7 +243,7 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val) #define __blob_for_each_attr(pos, attr, rem) \ for (pos = (struct blob_attr *) attr; \ -rem > 0 && (blob_pad_len(pos) <= rem) && \ +rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) @@ -251,7 +251,7 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val) #define blob_for_each_attr(pos, attr, rem) \ for (rem = attr ? blob_len(attr) : 0, \ pos = (struct blob_attr *) (attr ? blob_data(attr) : NULL); \ -rem > 0 && (blob_pad_len(pos) <= rem) && \ +rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) diff --git a/blobmsg.h b/blobmsg.h index 0af08789..00e0fdc1d5c6 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -266,7 +266,7 @@ int blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, . #define blobmsg_for_each_attr(pos, attr, rem) \ for (rem = attr ? blobmsg_data_len(attr) : 0, \ pos = (struct blob_attr *) (attr ? blobmsg_data(attr) : NULL); \ -rem > 0 && (blob_pad_len(pos) <= rem) && \ +rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 19/20] tests: fuzz: fuzz _len variants of checking methods
In order to increase test coverage.
Signed-off-by: Petr Štetiar
---
tests/fuzz/test-fuzz.c | 24
1 file changed, 24 insertions(+)
diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c
index 52f2bbce878f..4dc13a8d8a3b 100644
--- a/tests/fuzz/test-fuzz.c
+++ b/tests/fuzz/test-fuzz.c
@@ -1,10 +1,13 @@
#include
#include
#include
+#include
#include "blob.h"
#include "blobmsg.h"
+#define BLOBMSG_TYPE_TROUBLE INT_MAX
+
static void fuzz_blobmsg_parse(const uint8_t *data, size_t size)
{
enum {
@@ -14,6 +17,19 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t
size)
__FOO_MAX
};
+ static const int blobmsg_type[] = {
+ BLOBMSG_TYPE_UNSPEC,
+ BLOBMSG_TYPE_ARRAY,
+ BLOBMSG_TYPE_TABLE,
+ BLOBMSG_TYPE_STRING,
+ BLOBMSG_TYPE_INT64,
+ BLOBMSG_TYPE_INT32,
+ BLOBMSG_TYPE_INT16,
+ BLOBMSG_TYPE_INT8,
+ BLOBMSG_TYPE_DOUBLE,
+ BLOBMSG_TYPE_TROUBLE,
+ };
+
static const struct blobmsg_policy foo_policy[] = {
[FOO_MESSAGE] = {
.name = "message",
@@ -33,6 +49,14 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t
size)
blobmsg_parse(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size);
blobmsg_parse_array(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size);
+
+ blobmsg_check_attr_len((struct blob_attr *)data, false, size);
+ blobmsg_check_attr_len((struct blob_attr *)data, true, size);
+
+ for (size_t i=0; i < ARRAY_SIZE(blobmsg_type); i++) {
+ blobmsg_check_array_len((struct blob_attr *)data,
blobmsg_type[i], size);
+ blobmsg_check_attr_list_len((struct blob_attr *)data,
blobmsg_type[i], size);
+ }
}
static void fuzz_blob_parse(const uint8_t *data, size_t size)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 18/20] blobmsg: add _len variants for all attribute checking methods
From: Tobias Schramm
Introduce _len variants of blobmsg attribute checking functions which
aims to provide safer implementation as those functions should limit all
memory accesses performed on the blob to the range [attr, attr + len]
(upper bound non inclusive) and thus should be suited for checking of
untrusted blob attributes.
While at it add some comments in order to make it clear.
Signed-off-by: Tobias Schramm
[_safe -> _len, blobmsg_check_array_len fix, commit subject/desc facelift]
Signed-off-by: Petr Štetiar
---
blobmsg.c | 21 ++---
blobmsg.h | 55 ++-
2 files changed, 72 insertions(+), 4 deletions(-)
diff --git a/blobmsg.c b/blobmsg.c
index fbc6d2de9135..7cd0934600de 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -100,12 +100,22 @@ bool blobmsg_check_attr_len(const struct blob_attr *attr,
bool name, size_t len)
}
int blobmsg_check_array(const struct blob_attr *attr, int type)
+{
+ return blobmsg_check_array_len(attr, type, blob_raw_len(attr));
+}
+
+int blobmsg_check_array_len(const struct blob_attr *attr, int type, size_t len)
{
struct blob_attr *cur;
bool name;
- size_t rem;
int size = 0;
+ if (type > BLOBMSG_TYPE_LAST)
+ return -1;
+
+ if (!blobmsg_check_attr_len(attr, false, len))
+ return -1;
+
switch (blobmsg_type(attr)) {
case BLOBMSG_TYPE_TABLE:
name = true;
@@ -117,11 +127,11 @@ int blobmsg_check_array(const struct blob_attr *attr, int
type)
return -1;
}
- blobmsg_for_each_attr(cur, attr, rem) {
+ __blobmsg_for_each_attr(cur, attr, len) {
if (type != BLOBMSG_TYPE_UNSPEC && blobmsg_type(cur) != type)
return -1;
- if (!blobmsg_check_attr(cur, name))
+ if (!blobmsg_check_attr_len(cur, name, len))
return -1;
size++;
@@ -135,6 +145,11 @@ bool blobmsg_check_attr_list(const struct blob_attr *attr,
int type)
return blobmsg_check_array(attr, type) >= 0;
}
+bool blobmsg_check_attr_list_len(const struct blob_attr *attr, int type,
size_t len)
+{
+ return blobmsg_check_array_len(attr, type, len) >= 0;
+}
+
int blobmsg_parse_array(const struct blobmsg_policy *policy, int policy_len,
struct blob_attr **tb, void *data, unsigned int len)
{
diff --git a/blobmsg.h b/blobmsg.h
index c44015942a37..af88c1feb86f 100644
--- a/blobmsg.h
+++ b/blobmsg.h
@@ -104,19 +104,66 @@ static inline size_t blobmsg_len(const struct blob_attr
*attr)
return blobmsg_data_len(attr);
}
+/*
+ * blobmsg_check_attr: validate a list of attributes
+ *
+ * This method may be used with trusted data only. Providing
+ * malformed blobs will cause out of bounds memory access.
+ */
bool blobmsg_check_attr(const struct blob_attr *attr, bool name);
-bool blobmsg_check_attr_list(const struct blob_attr *attr, int type);
+/*
+ * blobmsg_check_attr_len: validate a list of attributes
+ *
+ * This method should be safer implementation of blobmsg_check_attr.
+ * It will limit all memory access performed on the blob to the
+ * range [attr, attr + len] (upper bound non inclusive) and is
+ * thus suited for checking of untrusted blob attributes.
+ */
bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t
len);
+/*
+ * blobmsg_check_attr_list: validate a list of attributes
+ *
+ * This method may be used with trusted data only. Providing
+ * malformed blobs will cause out of bounds memory access.
+ */
+bool blobmsg_check_attr_list(const struct blob_attr *attr, int type);
+
+/*
+ * blobmsg_check_attr_list_len: validate a list of untrusted attributes
+ *
+ * This method should be safer implementation of blobmsg_check_attr_list.
+ * It will limit all memory access performed on the blob to the
+ * range [attr, attr + len] (upper bound non inclusive) and is
+ * thus suited for checking of untrusted blob attributes.
+ */
+bool blobmsg_check_attr_list_len(const struct blob_attr *attr, int type,
size_t len);
+
/*
* blobmsg_check_array: validate array/table and return size
*
* Checks if all elements of an array or table are valid and have
* the specified type. Returns the number of elements in the array
+ *
+ * This method may be used with trusted data only. Providing
+ * malformed blobs will cause out of bounds memory access.
*/
int blobmsg_check_array(const struct blob_attr *attr, int type);
+/*
+ * blobmsg_check_array_len: validate untrusted array/table and return size
+ *
+ * Checks if all elements of an array or table are valid and have
+ * the specified type. Returns the number of elements in the array.
+ *
+ * This method should be safer implementation of blobmsg_check_array.
+ * It will limit all memory access performed on the blob to the
+ * range [attr, attr + len] (upper bound non inclusive) and is
+ * thus suited for
[OpenWrt-Devel] [PATCH libubox 17/20] Replace use of blobmsg_check_attr by blobmsg_check_attr_len
From: Tobias Schramm
blobmsg_check_attr_len adds a length limit specifying the max offset
from attr that can be read safely.
Signed-off-by: Tobias Schramm
[rebased and reworked, line wrapped commit message, _safe -> _len]
Signed-off-by: Petr Štetiar
---
blobmsg.c | 60 ++-
blobmsg.h | 2 ++
2 files changed, 48 insertions(+), 14 deletions(-)
diff --git a/blobmsg.c b/blobmsg.c
index 71d4a36a647c..fbc6d2de9135 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -33,38 +33,70 @@ blobmsg_namelen(const struct blobmsg_hdr *hdr)
bool blobmsg_check_attr(const struct blob_attr *attr, bool name)
{
+ return blobmsg_check_attr_len(attr, name, blob_raw_len(attr));
+}
+
+static bool blobmsg_check_name(const struct blob_attr *attr, size_t len, bool
name)
+{
+ char *limit = (char *) attr + len;
const struct blobmsg_hdr *hdr;
- const char *data;
- size_t len;
- int id;
- if (blob_len(attr) < sizeof(struct blobmsg_hdr))
+ hdr = blob_data(attr);
+ if (name && !hdr->namelen)
return false;
- hdr = (void *) attr->data;
- if (!hdr->namelen && name)
+ if ((char *) hdr->name + blobmsg_namelen(hdr) > limit)
return false;
- if (blobmsg_namelen(hdr) > blob_len(attr) - sizeof(struct blobmsg_hdr))
+ if (blobmsg_namelen(hdr) > (blob_len(attr) - sizeof(struct
blobmsg_hdr)))
return false;
if (hdr->name[blobmsg_namelen(hdr)] != 0)
return false;
- id = blob_id(attr);
- len = blobmsg_data_len(attr);
- if (len > blob_raw_len(attr))
- return false;
+ return true;
+}
+
+static const char* blobmsg_check_data(const struct blob_attr *attr, size_t
len, size_t *data_len)
+{
+ char *limit = (char *) attr + len;
+ const char *data;
+
+ *data_len = blobmsg_data_len(attr);
+ if (*data_len > blob_raw_len(attr))
+ return NULL;
data = blobmsg_data(attr);
+ if (data + *data_len > limit)
+ return NULL;
+
+ return data;
+}
+
+bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t
len)
+{
+ const char *data;
+ size_t data_len;
+ int id;
+ if (len < sizeof(struct blob_attr))
+ return false;
+
+ if (!blobmsg_check_name(attr, len, name))
+ return false;
+
+ id = blob_id(attr);
if (id > BLOBMSG_TYPE_LAST)
return false;
if (!blob_type[id])
return true;
- return blob_check_type(data, len, blob_type[id]);
+ data = blobmsg_check_data(attr, len, _len);
+ if (!data)
+ return false;
+
+ return blob_check_type(data, data_len, blob_type[id]);
}
int blobmsg_check_array(const struct blob_attr *attr, int type)
@@ -115,7 +147,7 @@ int blobmsg_parse_array(const struct blobmsg_policy
*policy, int policy_len,
blob_id(attr) != policy[i].type)
continue;
- if (!blobmsg_check_attr(attr, false))
+ if (!blobmsg_check_attr_len(attr, false, len))
return -1;
if (tb[i])
@@ -162,7 +194,7 @@ int blobmsg_parse(const struct blobmsg_policy *policy, int
policy_len,
if (blobmsg_namelen(hdr) != pslen[i])
continue;
- if (!blobmsg_check_attr(attr, true))
+ if (!blobmsg_check_attr_len(attr, true, len))
return -1;
if (tb[i])
diff --git a/blobmsg.h b/blobmsg.h
index 00e0fdc1d5c6..c44015942a37 100644
--- a/blobmsg.h
+++ b/blobmsg.h
@@ -107,6 +107,8 @@ static inline size_t blobmsg_len(const struct blob_attr
*attr)
bool blobmsg_check_attr(const struct blob_attr *attr, bool name);
bool blobmsg_check_attr_list(const struct blob_attr *attr, int type);
+bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t
len);
+
/*
* blobmsg_check_array: validate array/table and return size
*
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 15/20] blobmsg: fix heap buffer overflow in blobmsg_parse
Fixes following error found by the fuzzer: ==29774==ERROR: AddressSanitizer: heap-buffer-overflow READ of size 1 at 0x6020004f1c56 thread T0 #0 strcmp sanitizer_common_interceptors.inc:442:3 #1 blobmsg_parse blobmsg.c:168:8 Signed-off-by: Petr Štetiar --- blobmsg.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/blobmsg.c b/blobmsg.c index 1a8b783e9ba9..71d4a36a647c 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -53,6 +53,9 @@ bool blobmsg_check_attr(const struct blob_attr *attr, bool name) id = blob_id(attr); len = blobmsg_data_len(attr); + if (len > blob_raw_len(attr)) + return false; + data = blobmsg_data(attr); if (id > BLOBMSG_TYPE_LAST) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 20/20] blobmsg: reuse blobmsg_namelen in blobmsg_data
Move blobmsg_namelen into header file so it's possible to reuse it in
blobmsg_data.
Signed-off-by: Petr Štetiar
---
blobmsg.c | 6 --
blobmsg.h | 7 ++-
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/blobmsg.c b/blobmsg.c
index 7cd0934600de..48dba8156d58 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -25,12 +25,6 @@ static const int blob_type[__BLOBMSG_TYPE_LAST] = {
[BLOBMSG_TYPE_UNSPEC] = BLOB_ATTR_BINARY,
};
-static uint16_t
-blobmsg_namelen(const struct blobmsg_hdr *hdr)
-{
- return be16_to_cpu(hdr->namelen);
-}
-
bool blobmsg_check_attr(const struct blob_attr *attr, bool name)
{
return blobmsg_check_attr_len(attr, name, blob_raw_len(attr));
diff --git a/blobmsg.h b/blobmsg.h
index af88c1feb86f..be3c7ee2cbfd 100644
--- a/blobmsg.h
+++ b/blobmsg.h
@@ -69,6 +69,11 @@ static inline int blobmsg_type(const struct blob_attr *attr)
return blob_id(attr);
}
+static uint16_t blobmsg_namelen(const struct blobmsg_hdr *hdr)
+{
+ return be16_to_cpu(hdr->namelen);
+}
+
static inline void *blobmsg_data(const struct blob_attr *attr)
{
struct blobmsg_hdr *hdr;
@@ -81,7 +86,7 @@ static inline void *blobmsg_data(const struct blob_attr *attr)
data = (char *) blob_data(attr);
if (blob_is_extended(attr))
- data += blobmsg_hdrlen(be16_to_cpu(hdr->namelen));
+ data += blobmsg_hdrlen(blobmsg_namelen(hdr));
return data;
}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 11/20] blob: fix OOB access in blob_check_type
Found by fuzzer:
ERROR: AddressSanitizer: SEGV on unknown address 0x60210455
The signal is caused by a READ memory access.
#0 in blob_check_type blob.c:214:43
#1 in blob_parse_attr blob.c:234:9
#2 in blob_parse_untrusted blob.c:272:12
#3 in fuzz_blob_parse tests/fuzzer/test-blob-parse-fuzzer.c:34:2
#4 in LLVMFuzzerTestOneInput tests/fuzzer/test-blob-parse-fuzzer.c:39:2
Caused by following line:
if (type == BLOB_ATTR_STRING && data[len - 1] != 0)
where len was pointing outside of the data buffer.
Signed-off-by: Petr Štetiar
---
blob.c| 23 ++
tests/cram/test_blob_parse.t | 2 ++
...h-333757b203a44751d3535f24b05f467183a96d09 | Bin 0 -> 10 bytes
3 files changed, 20 insertions(+), 5 deletions(-)
create mode 100644
tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09
diff --git a/blob.c b/blob.c
index dc908d9ea745..528e717615d6 100644
--- a/blob.c
+++ b/blob.c
@@ -218,20 +218,33 @@ blob_check_type(const void *ptr, unsigned int len, int
type)
}
static int
-blob_parse_attr(struct blob_attr *attr, struct blob_attr **data, const struct
blob_attr_info *info, int max)
+blob_parse_attr(struct blob_attr *attr, size_t attr_len, struct blob_attr
**data, const struct blob_attr_info *info, int max)
{
+ int id;
+ size_t len;
int found = 0;
- int id = blob_id(attr);
- size_t len = blob_len(attr);
+ size_t data_len;
+ if (!attr || attr_len < sizeof(struct blob_attr))
+ return 0;
+
+ id = blob_id(attr);
if (id >= max)
return 0;
+ len = blob_raw_len(attr);
+ if (len > attr_len || len < sizeof(struct blob_attr))
+ return 0;
+
+ data_len = blob_len(attr);
+ if (data_len > len)
+ return 0;
+
if (info) {
int type = info[id].type;
if (type < BLOB_ATTR_LAST) {
- if (!blob_check_type(blob_data(attr), len, type))
+ if (!blob_check_type(blob_data(attr), data_len, type))
return 0;
}
@@ -285,7 +298,7 @@ blob_parse(struct blob_attr *attr, struct blob_attr **data,
const struct blob_at
memset(data, 0, sizeof(struct blob_attr *) * max);
blob_for_each_attr(pos, attr, rem) {
- found += blob_parse_attr(pos, data, info, max);
+ found += blob_parse_attr(pos, rem, data, info, max);
}
return found;
diff --git a/tests/cram/test_blob_parse.t b/tests/cram/test_blob_parse.t
index 77d8bdd858b6..1fd60bc71122 100644
--- a/tests/cram/test_blob_parse.t
+++ b/tests/cram/test_blob_parse.t
@@ -56,6 +56,8 @@ check that blob_parse is producing expected results:
cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
+ cannot parse cert crash-333757b203a44751d3535f24b05f467183a96d09
+ cannot parse cert crash-333757b203a44751d3535f24b05f467183a96d09
cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
diff --git a/tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09
b/tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09
new file mode 100644
index
..b9a958e08d457aaeb05102bb0d654428ffca161e
GIT binary patch
literal 10
RcmZQzVBlh6U|=$10002a07U=*
literal 0
HcmV?d1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 14/20] blobmsg: make blobmsg_len and blobmsg_data_len return unsigned value
One usually doesn't guard against negative length values in the code.
Signed-off-by: Petr Štetiar
---
blobmsg.c | 3 ++-
blobmsg.h | 4 ++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/blobmsg.c b/blobmsg.c
index 97e0c20575ff..1a8b783e9ba9 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -35,7 +35,8 @@ bool blobmsg_check_attr(const struct blob_attr *attr, bool
name)
{
const struct blobmsg_hdr *hdr;
const char *data;
- int id, len;
+ size_t len;
+ int id;
if (blob_len(attr) < sizeof(struct blobmsg_hdr))
return false;
diff --git a/blobmsg.h b/blobmsg.h
index b06ef597d8c6..0af08789 100644
--- a/blobmsg.h
+++ b/blobmsg.h
@@ -86,7 +86,7 @@ static inline void *blobmsg_data(const struct blob_attr *attr)
return data;
}
-static inline int blobmsg_data_len(const struct blob_attr *attr)
+static inline size_t blobmsg_data_len(const struct blob_attr *attr)
{
uint8_t *start, *end;
@@ -99,7 +99,7 @@ static inline int blobmsg_data_len(const struct blob_attr
*attr)
return blob_len(attr) - (end - start);
}
-static inline int blobmsg_len(const struct blob_attr *attr)
+static inline size_t blobmsg_len(const struct blob_attr *attr)
{
return blobmsg_data_len(attr);
}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 13/20] tests: add test cases for blobmsg parsing
Increasing test coverage. Signed-off-by: Petr Štetiar --- tests/cram/test_blobmsg_parse.t | 65 + tests/test-blobmsg-parse.c | 74 + 2 files changed, 139 insertions(+) create mode 100644 tests/cram/test_blobmsg_parse.t create mode 100644 tests/test-blobmsg-parse.c diff --git a/tests/cram/test_blobmsg_parse.t b/tests/cram/test_blobmsg_parse.t new file mode 100644 index ..37e09ce33f1a --- /dev/null +++ b/tests/cram/test_blobmsg_parse.t @@ -0,0 +1,65 @@ +check that blobmsg_parse is producing expected results: + + $ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH" + $ export FUZZ_CORPUS="$TESTDIR/../fuzz/corpus" + + $ for blob in $(LC_ALL=C find $FUZZ_CORPUS -type f | sort ); do + > valgrind --quiet --leak-check=full test-blobmsg-parse $blob; \ + > test-blobmsg-parse-san $blob; \ + > done + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse_array: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse_array: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse_array: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse_array: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse_array: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse_array: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse_array: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse_array: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse_array: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse_array: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse_array: ... (-1) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse_array: ... (-1) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse: ... (0) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse_array: ... (-1) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse: ... (0) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse_array: ... (-1) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse: ... (0) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse_array: ... (-1) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse: ... (0) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse_array: ... (-1) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse: ... (0) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse_array: ... (-1) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse: ... (0) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse_array: ... (-1) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse_array: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse_array: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse_array: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse_array: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse_array: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse_array: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse_array: ... (-1) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse_array: ... (-1) + valid-blobmsg.bin: blobmsg_parse: MLT (0) + valid-blobmsg.bin: blobmsg_parse_array: MLT (0) + valid-blobmsg.bin: blobmsg_parse: MLT (0) +
[OpenWrt-Devel] [PATCH libubox 10/20] tests: use blob_parse_untrusted variant
In order to be able to use invalid input for testing as well.
Signed-off-by: Petr Štetiar
---
tests/fuzz/test-fuzz.c | 2 +-
tests/test-blob-parse.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c
index 7153847e0825..52f2bbce878f 100644
--- a/tests/fuzz/test-fuzz.c
+++ b/tests/fuzz/test-fuzz.c
@@ -64,7 +64,7 @@ static void fuzz_blob_parse(const uint8_t *data, size_t size)
struct blob_attr *foo[__FOO_ATTR_MAX];
struct blob_attr *buf = (struct blob_attr *)data;
- blob_parse(buf, foo, foo_policy, __FOO_ATTR_MAX);
+ blob_parse_untrusted(buf, size, foo, foo_policy, __FOO_ATTR_MAX);
}
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
diff --git a/tests/test-blob-parse.c b/tests/test-blob-parse.c
index 6b1fb56485da..6d65eb4995b5 100644
--- a/tests/test-blob-parse.c
+++ b/tests/test-blob-parse.c
@@ -87,7 +87,7 @@ static int cert_load(const char *certfile, struct list_head
*chain)
bufpt = (struct blob_attr *)filebuf;
do {
- pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
+ pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy,
CERT_ATTR_MAX);
if (pret <= 0)
/* no attributes found */
break;
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 06/20] tests: add test cases for blob parsing
Increasing test coverage.
Signed-off-by: Petr Štetiar
---
tests/cram/inputs/invalid.ucert | Bin 0 -> 362 bytes
tests/cram/inputs/key-build.ucert | Bin 0 -> 356 bytes
tests/cram/test_blob_parse.t | 76 +
tests/test-blob-parse.c | 175 ++
4 files changed, 251 insertions(+)
create mode 100644 tests/cram/inputs/invalid.ucert
create mode 100644 tests/cram/inputs/key-build.ucert
create mode 100644 tests/cram/test_blob_parse.t
create mode 100644 tests/test-blob-parse.c
diff --git a/tests/cram/inputs/invalid.ucert b/tests/cram/inputs/invalid.ucert
new file mode 100644
index
..dbdeb725d490b51fb442ae3c5a5b90a32376f108
GIT binary patch
literal 362
zcmZwDyHbNt5P;!Lp`+9mmXtaa8pj0Uj74IIQG^6@K{AdraLxfvJmkVPPw-31Uf?$C_TsUrr8PYjbt&|wj_P)<(Qp~$*0OhO
zXW{fp_l6esQJNUkNV+UjQQEv4(A7!H#E$FbN4eLYChq8*g9^aM6Tmxc#fStEyaMdO
z%cp1t~8t0WSdiu$x$nVkemUn|OclmH&3KTF`)mRcW&
zjx5I8F=cqI|BJ0B6vY_z0WNxQ
Amp~XIs#+bmp7r6D(2X7dCdj<@`gJN|wF2w-=WI2*4D{^NeTL^k7{gfd*&
r|CMc|6e)FzOyAO7W!fBSQm3h@6O{>;uBdHch+F1Ww valgrind --quiet --leak-check=full test-blob-parse $blob; \
+ > test-blob-parse-san $blob; \
+ > done
+ cannot parse cert 71520a5c4b5ca73903216857abbad54a8002d44a
+ cannot parse cert 71520a5c4b5ca73903216857abbad54a8002d44a
+ cannot parse cert c1dfd96eea8cc2b62785275bca38ac261256e278
+ cannot parse cert c1dfd96eea8cc2b62785275bca38ac261256e278
+ cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
+ cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
+ cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
+ cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
+ cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
+ cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
+ cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
+ cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
+ cannot parse cert crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
+ cannot parse cert crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
+ cannot parse cert crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
+ cannot parse cert crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
+ cannot parse cert crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
+ cannot parse cert crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
+ cannot parse cert crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
+ cannot parse cert crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
+ cannot parse cert crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
+ cannot parse cert crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
+ cannot parse cert crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
+ cannot parse cert crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
+ cannot parse cert valid-blobmsg.bin
+ cannot parse cert valid-blobmsg.bin
diff --git a/tests/test-blob-parse.c b/tests/test-blob-parse.c
new file mode 100644
index ..6b1fb56485da
--- /dev/null
+++ b/tests/test-blob-parse.c
@@ -0,0 +1,175 @@
+/*
+ * Based on certificate dump functionality from ucert.c:
+ *
+ * Copyright (C) 2018 Daniel Golle
+ * SPDX-License-Identifier: GPL-3.0
+ *
+ */
+
+#include
+#include
+#include
+#include
+
+#include "blob.h"
+#include "list.h"
+#include "blobmsg_json.h"
+
+#define CERT_BUF_LEN 4096
+
+/*
+ * ucert structure
+ * | BLOB|
+ * |SIGNATURE| PAYLOAD |
+ * | |[ BLOBMSG CONTAINER ]|
+ * | |[[T,i,v,e,f,pubkey ]]|
+ */
+enum cert_attr {
+ CERT_ATTR_SIGNATURE,
+ CERT_ATTR_PAYLOAD,
+ CERT_ATTR_MAX
+};
+
+static const struct blob_attr_info cert_policy[CERT_ATTR_MAX] = {
+ [CERT_ATTR_SIGNATURE] = { .type = BLOB_ATTR_BINARY },
+ [CERT_ATTR_PAYLOAD] = { .type = BLOB_ATTR_NESTED },
+};
+
+enum cert_cont_attr {
+ CERT_CT_ATTR_PAYLOAD,
+ CERT_CT_ATTR_MAX
+};
+
+enum cert_payload_attr {
+ CERT_PL_ATTR_CERTTYPE,
+ CERT_PL_ATTR_CERTID,
+ CERT_PL_ATTR_VALIDFROMTIME,
+ CERT_PL_ATTR_EXPIRETIME,
+ CERT_PL_ATTR_PUBKEY,
+ CERT_PL_ATTR_KEY_FINGERPRINT,
+ CERT_PL_ATTR_MAX
+};
+
+enum certtype_id {
+ CERTTYPE_UNSPEC,
+ CERTTYPE_AUTH,
+ CERTTYPE_REVOKE
+};
+
+/* list to store certificate chain at runtime */
+struct cert_object {
+ struct list_head list;
+ struct blob_attr *cert[CERT_ATTR_MAX];
+};
+
+static int cert_load(const char *certfile, struct list_head *chain)
+{
+ FILE *f;
+ struct blob_attr *certtb[CERT_ATTR_MAX];
+ struct blob_attr *bufpt;
+ struct cert_object *cobj;
+ char filebuf[CERT_BUF_LEN];
+ int ret = 0, pret = 0;
+ size_t len, pos = 0;
+
+ f = fopen(certfile, "r");
+ if (!f)
+ return 1;
+
+ len = fread(, 1, CERT_BUF_LEN - 1, f);
+ if (len < 64)
+ return 1;
+
+ ret = ferror(f) || !feof(f);
+ fclose(f);
+ if (ret)
[OpenWrt-Devel] [PATCH libubox 12/20] test: fuzz: add blobmsg_check_attr crashes
==31775==ERROR: AddressSanitizer: SEGV on unknown address 0x604000a7c715
==31775==The signal is caused by a READ memory access.
#0 blobmsg_check_attr blobmsg.c:48:6
#1 blobmsg_parse_array blobmsg.c:118:8
#2 fuzz_blobmsg_parse test-blobmsg-parse-fuzzer.c:35:2
Signed-off-by: Petr Štetiar
---
.../crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 | Bin 0 -> 17 bytes
.../crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b | Bin 0 -> 86 bytes
.../crash-75b146c4e6fac64d3e62236b27c64b50657bab2a | Bin 0 -> 4 bytes
.../crash-813f3e68661da09c26d4a87dbb9d5099e92be50f | Bin 0 -> 36 bytes
.../crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 | Bin 0 -> 66 bytes
5 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644
tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
create mode 100644
tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
create mode 100644
tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
create mode 100644
tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
create mode 100644
tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
diff --git a/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
b/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
new file mode 100644
index
..2ca392f0c6109a4b0d6cf44ed18d69133addd8ca
GIT binary patch
literal 17
NcmZQ(U|@cV3;+h
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
b/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
new file mode 100644
index
..39ae859cc00ce0c4b80c5a1d0bf031b6a6310ce0
GIT binary patch
literal 4
LcmZQ(U|<3O01^NO
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
b/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
new file mode 100644
index
..62338ff4f0801529d0f6598c02bfbb9c57b5533c
GIT binary patch
literal 36
QcmZQ(U|{}_7cese01OQs?*IS*
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
b/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
new file mode 100644
index
..92a30d23706ee628d4a076fcbe0b7613650c2039
GIT binary patch
literal 66
QcmZQ(U|{}F0bphZ0GOFO(EtDd
literal 0
HcmV?d1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 05/20] tests: add libFuzzer based tests
LibFuzzer is in-process, coverage-guided, evolutionary fuzzing engine.
LibFuzzer is linked with the library under test, and feeds fuzzed inputs
to the library via a specific fuzzing entrypoint (aka "target
function"); the fuzzer then tracks which areas of the code are reached,
and generates mutations on the corpus of input data in order to maximize
the code coverage.
Lets use libFuzzer to fuzz blob and blobmsg parsing for the start.
Ref: https://llvm.org/docs/LibFuzzer.html
Signed-off-by: Petr Štetiar
---
tests/CMakeLists.txt | 4 +
tests/fuzz/CMakeLists.txt | 18 +
.../71520a5c4b5ca73903216857abbad54a8002d44a | Bin 0 -> 2 bytes
.../c1dfd96eea8cc2b62785275bca38ac261256e278 | 1 +
.../c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 | Bin 0 -> 3 bytes
tests/fuzz/corpus/valid-blobmsg.bin | Bin 0 -> 176 bytes
tests/fuzz/test-fuzz.c| 76 ++
7 files changed, 99 insertions(+)
create mode 100644 tests/fuzz/CMakeLists.txt
create mode 100644 tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
create mode 100644 tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
create mode 100644 tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
create mode 100644 tests/fuzz/corpus/valid-blobmsg.bin
create mode 100644 tests/fuzz/test-fuzz.c
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index bd2205743318..0cb33427e45a 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -12,3 +12,7 @@ FOREACH(test_case ${test_cases})
ADD_UNIT_TEST(${test_case})
ADD_UNIT_TEST_SAN(${test_case})
ENDFOREACH(test_case)
+
+IF(CMAKE_C_COMPILER_ID STREQUAL "Clang")
+ ADD_SUBDIRECTORY(fuzz)
+ENDIF()
diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
new file mode 100644
index ..cca74fd6ca12
--- /dev/null
+++ b/tests/fuzz/CMakeLists.txt
@@ -0,0 +1,18 @@
+FILE(GLOB test_cases "test-*.c")
+
+MACRO(ADD_FUZZER_TEST name)
+ ADD_EXECUTABLE(${name} ${name}.c)
+ TARGET_COMPILE_OPTIONS(${name} PRIVATE -g -O1 -fno-omit-frame-pointer
-fsanitize=fuzzer,address,leak,undefined)
+ TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR})
+ TARGET_LINK_OPTIONS(${name} PRIVATE -stdlib=libc++
-fsanitize=fuzzer,address,leak,undefined)
+ TARGET_LINK_LIBRARIES(${name} ubox blobmsg_json json_script ${json})
+ ADD_TEST(
+NAME ${name}
+COMMAND ${name} -max_len=256 -timeout=10 -max_total_time=300
${CMAKE_CURRENT_SOURCE_DIR}/corpus
+ )
+ENDMACRO(ADD_FUZZER_TEST)
+
+FOREACH(test_case ${test_cases})
+ GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
+ ADD_FUZZER_TEST(${test_case})
+ENDFOREACH(test_case)
diff --git a/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
b/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
new file mode 100644
index
..b4e009dd6d7e91ff56595a84010db2eb81e41622
GIT binary patch
literal 2
Jcmcb}0004`0MY;e
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
new file mode 100644
index ..62f9457511f8
--- /dev/null
+++ b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
@@ -0,0 +1 @@
+6
\ No newline at end of file
diff --git a/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
b/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
new file mode 100644
index
..3d70d85eba81360f757bc71859316667610c5339
GIT binary patch
literal 3
KcmZQ%U<3dF2LJ;A
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/valid-blobmsg.bin
b/tests/fuzz/corpus/valid-blobmsg.bin
new file mode 100644
index
..2d0c68e8a1273ae12ac6d4401c7471927809a926
GIT binary patch
literal 176
zcmZo>V31>A~ZPE1c_U|{e_@8vQ7F$Z%1KcK@*9Cd3@kaB#U%_3tqcr2Kp`+d
zVlyJKnK~F4BpBFI@=KF)K*ljRBy39qfhLeS93`p6B`Jv|i3|+5)B(*BU|`JvxdNn}
Rv6+E^kAW5J90ntx007e$BMSfk
literal 0
HcmV?d1
diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c
new file mode 100644
index ..7153847e0825
--- /dev/null
+++ b/tests/fuzz/test-fuzz.c
@@ -0,0 +1,76 @@
+#include
+#include
+#include
+
+#include "blob.h"
+#include "blobmsg.h"
+
+static void fuzz_blobmsg_parse(const uint8_t *data, size_t size)
+{
+ enum {
+ FOO_MESSAGE,
+ FOO_LIST,
+ FOO_TESTDATA,
+ __FOO_MAX
+ };
+
+ static const struct blobmsg_policy foo_policy[] = {
+ [FOO_MESSAGE] = {
+ .name = "message",
+ .type = BLOBMSG_TYPE_STRING,
+ },
+ [FOO_LIST] = {
+ .name = "list",
+ .type = BLOBMSG_TYPE_ARRAY,
+ },
+ [FOO_TESTDATA] = {
+ .name = "testdata",
+ .type = BLOBMSG_TYPE_TABLE,
+
[OpenWrt-Devel] [PATCH libubox 08/20] blob: refactor attr parsing into separate function
Making blob_parse easier to review.
Signed-off-by: Petr Štetiar
---
blob.c | 61 +-
1 file changed, 35 insertions(+), 26 deletions(-)
diff --git a/blob.c b/blob.c
index 9b3d8abe330a..ee93894b9e6f 100644
--- a/blob.c
+++ b/blob.c
@@ -217,44 +217,53 @@ blob_check_type(const void *ptr, unsigned int len, int
type)
return true;
}
-int
-blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct
blob_attr_info *info, int max)
+static int
+blob_parse_attr(struct blob_attr *attr, struct blob_attr **data, const struct
blob_attr_info *info, int max)
{
- struct blob_attr *pos;
int found = 0;
- size_t rem;
+ int id = blob_id(attr);
+ size_t len = blob_len(attr);
- memset(data, 0, sizeof(struct blob_attr *) * max);
- blob_for_each_attr(pos, attr, rem) {
- int id = blob_id(pos);
- size_t len = blob_len(pos);
+ if (id >= max)
+ return 0;
- if (id >= max)
- continue;
+ if (info) {
+ int type = info[id].type;
- if (info) {
- int type = info[id].type;
+ if (type < BLOB_ATTR_LAST) {
+ if (!blob_check_type(blob_data(attr), len, type))
+ return 0;
+ }
- if (type < BLOB_ATTR_LAST) {
- if (!blob_check_type(blob_data(pos), len, type))
- continue;
- }
+ if (info[id].minlen && len < info[id].minlen)
+ return 0;
- if (info[id].minlen && len < info[id].minlen)
- continue;
+ if (info[id].maxlen && len > info[id].maxlen)
+ return 0;
- if (info[id].maxlen && len > info[id].maxlen)
- continue;
+ if (info[id].validate && !info[id].validate([id], attr))
+ return 0;
+ }
- if (info[id].validate && !info[id].validate([id],
pos))
- continue;
- }
+ if (!data[id])
+ found++;
- if (!data[id])
- found++;
+ data[id] = attr;
+ return found;
+}
- data[id] = pos;
+int
+blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct
blob_attr_info *info, int max)
+{
+ struct blob_attr *pos;
+ int found = 0;
+ size_t rem;
+
+ memset(data, 0, sizeof(struct blob_attr *) * max);
+ blob_for_each_attr(pos, attr, rem) {
+ found += blob_parse_attr(pos, data, info, max);
}
+
return found;
}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 07/20] test: fuzz: add blob_parse crashes
==5872==ERROR: AddressSanitizer: SEGV on unknown address 0x6020004100b4
==5872==The signal is caused by a READ memory access.
#0 blob_data blob.h
#1 blob_parse blob.c:228:2
Signed-off-by: Petr Štetiar
---
.../crash-1b8fb1be45db3aff7699100f497fb74138f3df4f | Bin 0 -> 6 bytes
.../crash-98595faa58ba01d85ba4fd0b109cd3d490b45795 | Bin 0 -> 6 bytes
.../crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 | 1 +
.../crash-df9d1243057b27bbad6211e5a23d1cb699028aa2 | Bin 0 -> 16 bytes
4 files changed, 1 insertion(+)
create mode 100644
tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
create mode 100644
tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
create mode 100644
tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
create mode 100644
tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
diff --git a/tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
b/tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
new file mode 100644
index
..407114eb1a9fc2c82f40cac9948c75ac23948385
GIT binary patch
literal 6
Lcmd;L00Kt<0D}Nb
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
b/tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
new file mode 100644
index
..530ae8f6c1f7b9fa3ed86d1bf66b7e0a6d8b7485
GIT binary patch
literal 6
Ncmd<$;^Jap0{{TP051Rl
literal 0
HcmV?d1
diff --git a/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
b/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
new file mode 100644
index ..46b749ee7968
--- /dev/null
+++ b/tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
@@ -0,0 +1 @@
+�
diff --git a/tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
b/tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
new file mode 100644
index
..f6899b51bcb4283949208b7937e9a4ce3a7ef13c
GIT binary patch
literal 16
RcmZQzVBln8U;rWr4FCY<02=@R
literal 0
HcmV?d1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 09/20] blob: introduce blob_parse_untrusted
blob_parse can be only used on trusted input as it has no possibility to
check the length of the provided input buffer, which might lead to
undefined behaviour and/or crashes when supplied with malformed,
corrupted or otherwise specially crafted input.
So this introduces blob_parse_untrusted variant which expects additional
input buffer length argument and thus should be able to process also
inputs from untrusted sources.
Signed-off-by: Petr Štetiar
---
blob.c | 24
blob.h | 7 +++
2 files changed, 31 insertions(+)
diff --git a/blob.c b/blob.c
index ee93894b9e6f..dc908d9ea745 100644
--- a/blob.c
+++ b/blob.c
@@ -252,6 +252,30 @@ blob_parse_attr(struct blob_attr *attr, struct blob_attr
**data, const struct bl
return found;
}
+int
+blob_parse_untrusted(struct blob_attr *attr, size_t attr_len, struct blob_attr
**data, const struct blob_attr_info *info, int max)
+{
+ struct blob_attr *pos;
+ size_t len = 0;
+ int found = 0;
+ size_t rem;
+
+ if (!attr || attr_len < sizeof(struct blob_attr))
+ return 0;
+
+ len = blob_raw_len(attr);
+ if (len != attr_len)
+ return 0;
+
+ memset(data, 0, sizeof(struct blob_attr *) * max);
+ blob_for_each_attr_len(pos, attr, len, rem) {
+ found += blob_parse_attr(pos, rem, data, info, max);
+ }
+
+ return found;
+}
+
+/* use only on trusted input, otherwise consider blob_parse_untrusted */
int
blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct
blob_attr_info *info, int max)
{
diff --git a/blob.h b/blob.h
index d34652229b59..af033607e309 100644
--- a/blob.h
+++ b/blob.h
@@ -199,6 +199,7 @@ extern void blob_nest_end(struct blob_buf *buf, void
*cookie);
extern struct blob_attr *blob_put(struct blob_buf *buf, int id, const void
*ptr, unsigned int len);
extern bool blob_check_type(const void *ptr, unsigned int len, int type);
extern int blob_parse(struct blob_attr *attr, struct blob_attr **data, const
struct blob_attr_info *info, int max);
+extern int blob_parse_untrusted(struct blob_attr *attr, size_t attr_len,
struct blob_attr **data, const struct blob_attr_info *info, int max);
extern struct blob_attr *blob_memdup(struct blob_attr *attr);
extern struct blob_attr *blob_put_raw(struct blob_buf *buf, const void *ptr,
unsigned int len);
@@ -254,5 +255,11 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val)
(blob_pad_len(pos) >= sizeof(struct blob_attr)); \
rem -= blob_pad_len(pos), pos = blob_next(pos))
+#define blob_for_each_attr_len(pos, attr, attr_len, rem) \
+ for (rem = attr ? blob_len(attr) : 0, \
+pos = (struct blob_attr *) (attr ? blob_data(attr) : NULL); \
+rem >= sizeof(struct blob_attr) && rem < attr_len &&
(blob_pad_len(pos) <= rem) && \
+(blob_pad_len(pos) >= sizeof(struct blob_attr)); \
+rem -= blob_pad_len(pos), pos = blob_next(pos))
#endif
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 04/20] tests: add unit tests covered with Clang sanitizers
Currently we run all tests via Valgrind. This patch adds 2nd batch of
tests which are compiled with Clang AddressSanitizer[1],
LeakSanitizer[2] and UndefinedBehaviorSanitizer[3] in order to catch
more issues during QA on CI.
AddressSanitizer is a fast memory error detector. The tool can detect
the following types of bugs:
* Out-of-bounds accesses to heap, stack and globals
* Use-after-free, use-after-return, use-after-scope
* Double-free, invalid free
LeakSanitizer is a run-time memory leak detector. It can be combined
with AddressSanitizer to get both memory error and leak detection, or
used in a stand-alone mode.
UndefinedBehaviorSanitizer (UBSan) is a fast undefined behavior
detector. UBSan modifies the program at compile-time to catch various
kinds of undefined behavior during program execution, for example:
* Using misaligned or null pointer
* Signed integer overflow
* Conversion to, from, or between floating-point types which would
overflow the destination
1. http://clang.llvm.org/docs/AddressSanitizer.html
2. http://http://clang.llvm.org/docs/LeakSanitizer.html
3. http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
Signed-off-by: Petr Štetiar
---
CMakeLists.txt| 12 +++
tests/CMakeLists.txt | 5 +-
tests/cram/test_avl.t | 9 +++
tests/cram/test_base64.t | 30 ++-
tests/cram/test_blobmsg.t | 15
tests/cram/test_jshn.t| 144 ++
tests/cram/test_json_script.t | 55 +
tests/cram/test_list.t| 20 +
tests/cram/test_runqueue.t| 12 +++
9 files changed, 297 insertions(+), 5 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0b0c9e316bfb..dcd455c02dfb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -48,6 +48,14 @@ INSTALL(TARGETS ubox ubox-static
ADD_SUBDIRECTORY(lua)
ADD_SUBDIRECTORY(examples)
+MACRO(ADD_UNIT_TEST_SAN name)
+ ADD_EXECUTABLE(${name}-san ${name}.c)
+ TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer
-fsanitize=undefined,address,leak -fno-sanitize-recover=all)
+ TARGET_LINK_OPTIONS(${name}-san PRIVATE -fsanitize=undefined,address,leak)
+ TARGET_LINK_LIBRARIES(${name}-san ubox blobmsg_json json_script ${json})
+ TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR})
+ENDMACRO(ADD_UNIT_TEST_SAN)
+
IF(UNIT_TESTING)
ENABLE_TESTING()
ADD_SUBDIRECTORY(tests)
@@ -62,6 +70,10 @@ IF(EXISTS ${json})
SET_TARGET_PROPERTIES(blobmsg_json-static
PROPERTIES OUTPUT_NAME blobmsg_json)
+ IF(UNIT_TESTING)
+ ADD_UNIT_TEST_SAN(jshn)
+ ENDIF(UNIT_TESTING)
+
ADD_EXECUTABLE(jshn jshn.c)
TARGET_LINK_LIBRARIES(jshn blobmsg_json ${json})
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 1c448257a4d6..bd2205743318 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -8,6 +8,7 @@ ENDMACRO(ADD_UNIT_TEST)
FILE(GLOB test_cases "test-*.c")
FOREACH(test_case ${test_cases})
- GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
- ADD_UNIT_TEST(${test_case})
+ GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
+ ADD_UNIT_TEST(${test_case})
+ ADD_UNIT_TEST_SAN(${test_case})
ENDFOREACH(test_case)
diff --git a/tests/cram/test_avl.t b/tests/cram/test_avl.t
index 19a8d21f1f3e..d8d1640008c6 100644
--- a/tests/cram/test_avl.t
+++ b/tests/cram/test_avl.t
@@ -9,3 +9,12 @@ check that avl is producing expected results:
test_basics: delete 'one' element
test_basics: for each element reverse: zero two twelve three ten six seven
nine four five eleven eight
test_basics: delete all elements
+
+ $ test-avl-san
+ test_basics: insert: 0=zero 0=one 0=two 0=three 0=four 0=five 0=six 0=seven
0=eight 0=nine 0=ten 0=eleven 0=twelve
+ test_basics: insert duplicate: -1=zero -1=one -1=two -1=three -1=four
-1=five -1=six -1=seven -1=eight -1=nine -1=ten -1=eleven -1=twelve
+ test_basics: first=eight last=zero
+ test_basics: for each element: eight eleven five four nine one seven six ten
three twelve two zero
+ test_basics: delete 'one' element
+ test_basics: for each element reverse: zero two twelve three ten six seven
nine four five eleven eight
+ test_basics: delete all elements
diff --git a/tests/cram/test_base64.t b/tests/cram/test_base64.t
index 0a7a9d5c026d..ade41fb1eb2a 100644
--- a/tests/cram/test_base64.t
+++ b/tests/cram/test_base64.t
@@ -20,14 +20,38 @@ check that base64 is producing expected results:
5 fooba
6 foobar
+ $ test-b64-san
+ 0
+ 4 Zg==
+ 4 Zm8=
+ 4 Zm9v
+ 8 Zm9vYg==
+ 8 Zm9vYmE=
+ 8 Zm9vYmFy
+ 0
+ 1 f
+ 2 fo
+ 3 foo
+ 4 foob
+ 5 fooba
+ 6 foobar
+
check that b64_encode and b64_decode assert invalid input
- $ alias check="egrep '(dumped|Assertion)' | sed
's;.*\(b64_.*code\).*\(Assertion.*$\);\1: \2;' | LC_ALL=C sort"
+ $ alias check="egrep '(dumped|Assertion)' output.log | sed
's;.*\(b64_.*code\).*\(Assertion.*$\);\1: \2;' |
[OpenWrt-Devel] [PATCH libubox 02/20] blobmsg/ulog: fix format string compiler warnings
Fixes following compiler warnings:
blobmsg.c:242:39: error: format string is not a string literal
[-Werror,-Wformat-nonliteral]
blobmsg.c:248:23: error: format string is not a string literal
[-Werror,-Wformat-nonliteral]
ulog.c:100:18: error: format string is not a string literal
[-Werror,-Wformat-nonliteral]
ulog.c:112:16: error: format string is not a string literal
[-Werror,-Wformat-nonliteral]
ulog.c:117:20: error: format string is not a string literal
[-Werror,-Wformat-nonliteral]
Signed-off-by: Petr Štetiar
---
blobmsg.c | 8
ulog.c| 3 +++
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/blobmsg.c b/blobmsg.c
index a860483bfa7e..97e0c20575ff 100644
--- a/blobmsg.c
+++ b/blobmsg.c
@@ -230,8 +230,8 @@ blobmsg_open_nested(struct blob_buf *buf, const char *name,
bool array)
return (void *)offset;
}
-int
-blobmsg_vprintf(struct blob_buf *buf, const char *name, const char *format,
va_list arg)
+__attribute__((format(printf, 3, 0)))
+int blobmsg_vprintf(struct blob_buf *buf, const char *name, const char
*format, va_list arg)
{
va_list arg2;
char cbuf;
@@ -251,8 +251,8 @@ blobmsg_vprintf(struct blob_buf *buf, const char *name,
const char *format, va_l
return ret;
}
-int
-blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, ...)
+__attribute__((format(printf, 3, 4)))
+int blobmsg_printf(struct blob_buf *buf, const char *name, const char *format,
...)
{
va_list ap;
int ret;
diff --git a/ulog.c b/ulog.c
index b7300e720d21..05946a0c3521 100644
--- a/ulog.c
+++ b/ulog.c
@@ -87,6 +87,7 @@ static void ulog_defaults(void)
_ulog_initialized = 1;
}
+__attribute__((format(printf, 2, 0)))
static void ulog_kmsg(int priority, const char *fmt, va_list ap)
{
FILE *kmsg;
@@ -102,6 +103,7 @@ static void ulog_kmsg(int priority, const char *fmt,
va_list ap)
}
}
+__attribute__((format(printf, 2, 0)))
static void ulog_stdio(int priority, const char *fmt, va_list ap)
{
FILE *out = stderr;
@@ -112,6 +114,7 @@ static void ulog_stdio(int priority, const char *fmt,
va_list ap)
vfprintf(out, fmt, ap);
}
+__attribute__((format(printf, 2, 0)))
static void ulog_syslog(int priority, const char *fmt, va_list ap)
{
vsyslog(priority, fmt, ap);
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 01/20] cmake: use extra compiler warnings only on gcc6+
gcc version 4.8.4 (Ubuntu 14.04) and -Wextra produces following: json_script.c:124:3: error: missing initializer for field 'name' of 'struct blobmsg_policy' [-Werror=missing-field-initializers] Reported-by: Jonas Gorski Signed-off-by: Petr Štetiar --- CMakeLists.txt | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b80d551c112f..da7d03c7fc21 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,12 @@ INCLUDE(CheckLibraryExists) INCLUDE(CheckFunctionExists) PROJECT(ubox C) -ADD_DEFINITIONS(-Os -Wextra -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) + +ADD_DEFINITIONS(-Wall -Werror) +IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6) + ADD_DEFINITIONS(-Wextra) +ENDIF() +ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) OPTION(BUILD_LUA "build Lua plugin" ON) OPTION(BUILD_EXAMPLES "build examples" ON) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 03/20] cmake: add more hardening compiler flags
In order to spot possible issues with direct impact on security during QA on CI (GCC version 6 and higher). Ref: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/ Signed-off-by: Petr Štetiar --- CMakeLists.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index da7d03c7fc21..0b0c9e316bfb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,7 +6,8 @@ PROJECT(ubox C) ADD_DEFINITIONS(-Wall -Werror) IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6) - ADD_DEFINITIONS(-Wextra) + ADD_DEFINITIONS(-Wextra -Werror=implicit-function-declaration) + ADD_DEFINITIONS(-Wformat -Werror=format-security -Werror=format-nonliteral) ENDIF() ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH libubox 00/20] tests, fuzzing, fixes and improvements
Hi,
this patch series adds unit tests passed through Valgrind, unit tests covered
with Clang's {Address,Leak,UndefinedBehavior}Sanitizer, fuzzing with
libFuzzer and bunch of fixes uncovered by the new tests.
Petr Štetiar (17):
cmake: use extra compiler warnings only on gcc6+
blobmsg/ulog: fix format string compiler warnings
cmake: add more hardening compiler flags
tests: add unit tests covered with Clang sanitizers
tests: add libFuzzer based tests
tests: add test cases for blob parsing
test: fuzz: add blob_parse crashes
blob: refactor attr parsing into separate function
blob: introduce blob_parse_untrusted
tests: use blob_parse_untrusted variant
blob: fix OOB access in blob_check_type
test: fuzz: add blobmsg_check_attr crashes
tests: add test cases for blobmsg parsing
blobmsg: make blobmsg_len and blobmsg_data_len return unsigned value
blobmsg: fix heap buffer overflow in blobmsg_parse
tests: fuzz: fuzz _len variants of checking methods
blobmsg: reuse blobmsg_namelen in blobmsg_data
Tobias Schramm (3):
Ensure blob_attr length check does not perform out of bounds reads
Replace use of blobmsg_check_attr by blobmsg_check_attr_len
blobmsg: add _len variants for all attribute checking methods
CMakeLists.txt| 20 +-
blob.c| 98 +++---
blob.h| 11 +-
blobmsg.c | 89 ++---
blobmsg.h | 68 ++-
tests/CMakeLists.txt | 9 +-
tests/cram/inputs/invalid.ucert | Bin 0 -> 362 bytes
tests/cram/inputs/key-build.ucert | Bin 0 -> 356 bytes
tests/cram/test_avl.t | 9 +
tests/cram/test_base64.t | 30 ++-
tests/cram/test_blob_parse.t | 78
tests/cram/test_blobmsg.t | 15 ++
tests/cram/test_blobmsg_parse.t | 65 +++
tests/cram/test_jshn.t| 144 ++
tests/cram/test_json_script.t | 55 ++
tests/cram/test_list.t| 20 ++
tests/cram/test_runqueue.t| 12 ++
tests/fuzz/CMakeLists.txt | 18 ++
.../71520a5c4b5ca73903216857abbad54a8002d44a | Bin 0 -> 2 bytes
.../c1dfd96eea8cc2b62785275bca38ac261256e278 | 1 +
.../c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 | Bin 0 -> 3 bytes
...h-1b8fb1be45db3aff7699100f497fb74138f3df4f | Bin 0 -> 6 bytes
...h-333757b203a44751d3535f24b05f467183a96d09 | Bin 0 -> 10 bytes
...h-4c4d2c3c9ade5da9347534e290305c3b9760f627 | Bin 0 -> 17 bytes
...h-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b | Bin 0 -> 86 bytes
...h-75b146c4e6fac64d3e62236b27c64b50657bab2a | Bin 0 -> 4 bytes
...h-813f3e68661da09c26d4a87dbb9d5099e92be50f | Bin 0 -> 36 bytes
...h-98595faa58ba01d85ba4fd0b109cd3d490b45795 | Bin 0 -> 6 bytes
...h-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 | 1 +
...h-df9d1243057b27bbad6211e5a23d1cb699028aa2 | Bin 0 -> 16 bytes
...h-e2fd5ecb3b37926743256f1083f47a07c39e10c2 | Bin 0 -> 66 bytes
tests/fuzz/corpus/valid-blobmsg.bin | Bin 0 -> 176 bytes
tests/fuzz/test-fuzz.c| 100 ++
tests/test-blob-parse.c | 175 ++
tests/test-blobmsg-parse.c| 74
ulog.c| 3 +
36 files changed, 1035 insertions(+), 60 deletions(-)
create mode 100644 tests/cram/inputs/invalid.ucert
create mode 100644 tests/cram/inputs/key-build.ucert
create mode 100644 tests/cram/test_blob_parse.t
create mode 100644 tests/cram/test_blobmsg_parse.t
create mode 100644 tests/fuzz/CMakeLists.txt
create mode 100644 tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a
create mode 100644 tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278
create mode 100644 tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
create mode 100644
tests/fuzz/corpus/crash-1b8fb1be45db3aff7699100f497fb74138f3df4f
create mode 100644
tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09
create mode 100644
tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627
create mode 100644
tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b
create mode 100644
tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a
create mode 100644
tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f
create mode 100644
tests/fuzz/corpus/crash-98595faa58ba01d85ba4fd0b109cd3d490b45795
create mode 100644
tests/fuzz/corpus/crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1
create mode 100644
tests/fuzz/corpus/crash-df9d1243057b27bbad6211e5a23d1cb699028aa2
create mode 100644
tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2
create mode 100644 tests/fuzz/corpus/valid-blobmsg.bin
create mode 100644 tests/fuzz/test-fuzz.c
[OpenWrt-Devel] Видеокурс "Мастер делового администрирования" - ультрасовременные знания, методики и решения. 05_08_2019 02_10 199508
The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software.--- Begin Message --- ВИДЕОКУРС МАСТЕР ДЕЛОВОГО АДМИНИСТРИРОВАНИЯ Данный курс разработан практикующими специалистами рынка, ведущими тренерами и преподавателями с огромным опытом в бизнес-образовании. За 2 года подготовки учебной программы в её создании приняли участие более 300 специалистов-практиков, 100 ведущих российских тренеров и преподавателей. Российские компании предоставили для учебной программы свои бизнес-кейсы и примеры из отечественной практики. Предлагаемый курс – это замечательная возможность расширить собственный кругозор. В ходе обучения вы получите ультрасовременные знания, методики и решения, использование которых откроет вам иной взгляд на ведение бизнеса, поможет выработать прогрессивный системный подход к решению старых задач и обнаружить новые пути делового развития. Курс ориентирован для менеджеров и руководителей высшего звена, а также специалистов, которые планируют продвинуться по карьерной лестнице. Великолепно подойдёт для тех, кто хочет развиваться и двигаться по жизни вперёд или просто станет отличным подарком. Позволит сэкономить вам много времени, сил, нервов и денег, поскольку не нужно никуда ездить, занимайтесь изучением тогда, когда этого хочется вам, высокая гибкость - решайте сами, что и когда вы хотите изучать. Кроме самого видеокурса, записано много полезной информации, в частности: учебные пособия, актуальные статьи, даны задания для проведения самостоятельных работ по изученным темам, а также рекомендации по их выполнению. Особо стоит отметить, что даны не только теоретические, но и практические рекомендации, с учётом Российской действительности. Информация сгруппирована в модули: Экономика и право; Навыки личной эффективности менеджера; Общий менеджмент; Организационное поведение; Финансы в организации; Методы исследований в бизнесе; Общий маркетинг; Управление человеческими ресурсами; Учет и отчетность; Стратегический менеджмент; Стратегический маркетинг; Операционный менеджмент. ! Полный список тем вошедших в видеокурс вы можете увидеть в прикреплённом к письму файле ! Общая продолжительность видеокурса = 195 часов. Записана на внешний USB накопитель (флешка). Проблем с воспроизведением не возникнет, можно смотреть на компьютере, планшете, смартфоне, телевизоре и т.д. Запись на внешний USB накопитель имеет ряд преимуществ в сравнении с обычными DVD дисками, USB накопитель гораздо легче, занимает меньше места, обладает высокой надёжностью сохранности записей, а это значит, что наша коллекция будет радовать Вас много лет. Мы гарантируем отличное качество всех записей. На самом носителе создана продуманная структура, все записи разнесены по каталогам, имеются плейлисты, прописаны теги, а также полный список вошедших записей, поэтому проблем с поиском и навигацией не возникнет. Стоимость коллекции на внешнем USB накопителе — 6500 (Шесть Тысяч Пятьсот) Рублей. Продаются только вместе. Доставка включена в стоимость. Доставка и оплата коллекции осуществляется только по России — почтой, наложенным платежом, никакой предоплаты не требуется, оплата только в момент получения на почте, доставка включена в стоимость. Сроки доставки зависят от расстояния и степени загрузки почты, но как правило это 7-14 суток с момента отправки. Напоминаем, что у нас нет курьерской доставки — только почтой, в том числе и по Москве. Для оформления заказа просьба не забывать указывать: --- Ваш почтовый индекс (пишите правильный индекс — это ускорит доставку); --- Ваш город и точный адрес (название улицы, номер дома и номер квартиры); --- Ф.И.О. получателя и ОБЯЗАТЕЛЬНО номер контактного телефона (лучше сотовый); Заказы\вопросы направляйте по адресу: mbavi...@cwhflash.ru Мы очень ответственно относимся к качеству нашего товара, поэтому перед отправкой всё дополнительно проверяется, как следствие отправка бракованной продукции сведена к нулю. Товар упаковывается в специальный ударостойкий материал, что в значительной степени уменьшает риск повреждения при транспортировке. Если вдруг с полученным товаром возникнут проблемы, то все наши покупатели всегда могут рассчитывать на квалифицированную техническую поддержку. Мы никогда не отказываемся от гарантийных обязательств, в случае проблемы Вы можете рассчитывать на замену, почтовые расходы мы берём на себя. По вашему желанию, данная коллекция может быть записана на DVD диски. Для записи используются надёжные DVD диски со специальным покрытием, которое повышает устойчивость диска к механическим повреждениям, таким как трещины и царапины, а это значит, что наша коллекция будет радовать Вас много лет. Коллекция упакована в пластиковые боксы (slim-dvd), имеет красивые и продуманные обложки, с обратной стороны которых указан список вошедших на каждый
[OpenWrt-Devel] [PATCH 1/2] nl80211: add htmode to iwinfo_ops
This callback shows the currently active HTMODE of the device.
Signed-off-by: Daniel Danzberger
---
include/iwinfo.h | 4 ++-
iwinfo_nl80211.c | 70
2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/include/iwinfo.h b/include/iwinfo.h
index d035c9c..5e64294 100644
--- a/include/iwinfo.h
+++ b/include/iwinfo.h
@@ -88,8 +88,9 @@ enum iwinfo_htmode {
IWINFO_HTMODE_VHT80 = (1 << 4),
IWINFO_HTMODE_VHT80_80 = (1 << 5),
IWINFO_HTMODE_VHT160 = (1 << 6),
+ IWINFO_HTMODE_NOHT = (1 << 7),
- IWINFO_HTMODE_COUNT = 7
+ IWINFO_HTMODE_COUNT = 8
};
extern const char *IWINFO_HTMODE_NAMES[IWINFO_HTMODE_COUNT];
@@ -231,6 +232,7 @@ struct iwinfo_ops {
int (*mbssid_support)(const char *, int *);
int (*hwmodelist)(const char *, int *);
int (*htmodelist)(const char *, int *);
+ int (*htmode)(const char *, int *);
int (*ssid)(const char *, char *);
int (*bssid)(const char *, char *);
int (*country)(const char *, char *);
diff --git a/iwinfo_nl80211.c b/iwinfo_nl80211.c
index 4b6ef91..20d75e9 100644
--- a/iwinfo_nl80211.c
+++ b/iwinfo_nl80211.c
@@ -2958,6 +2958,75 @@ out:
return -1;
}
+struct chan_info {
+ int width;
+ int mode;
+};
+
+static int nl80211_get_htmode_cb(struct nl_msg *msg, void *arg)
+{
+ struct nlattr **tb = nl80211_parse(msg);
+ struct nlattr *cur;
+ struct chan_info *chn = arg;
+
+ if ((cur = tb[NL80211_ATTR_CHANNEL_WIDTH]))
+ chn->width = nla_get_u32(cur);
+
+ if ((cur = tb[NL80211_ATTR_BSS_HT_OPMODE]))
+ chn->mode = nla_get_u32(cur);
+
+ return NL_SKIP;
+}
+
+static int nl80211_get_htmode(const char *ifname, int *buf)
+{
+ struct chan_info chn = { .width = 0, .mode = 0 };
+ char *res;
+ int err;
+
+ res = nl80211_phy2ifname(ifname);
+ *buf = 0;
+
+ err = nl80211_request(res ? res : ifname,
+ NL80211_CMD_GET_INTERFACE, 0,
+ nl80211_get_htmode_cb, );
+ if (err)
+ return -1;
+
+ switch (chn.width) {
+ case NL80211_CHAN_WIDTH_20:
+ if (chn.mode == -1)
+ *buf = IWINFO_HTMODE_VHT20;
+ else
+ *buf = IWINFO_HTMODE_HT20;
+ break;
+ case NL80211_CHAN_WIDTH_40:
+ if (chn.mode == -1)
+ *buf = IWINFO_HTMODE_VHT40;
+ else
+ *buf = IWINFO_HTMODE_HT40;
+ break;
+ case NL80211_CHAN_WIDTH_80:
+ *buf = IWINFO_HTMODE_VHT80;
+ break;
+ case NL80211_CHAN_WIDTH_80P80:
+ *buf = IWINFO_HTMODE_VHT80_80;
+ break;
+ case NL80211_CHAN_WIDTH_160:
+ *buf = IWINFO_HTMODE_VHT160;
+ break;
+ case NL80211_CHAN_WIDTH_5:
+ case NL80211_CHAN_WIDTH_10:
+ case NL80211_CHAN_WIDTH_20_NOHT:
+ *buf = IWINFO_HTMODE_NOHT;
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
static int nl80211_get_htmodelist(const char *ifname, int *buf)
{
struct nl80211_modes m = { 0 };
@@ -3147,6 +3216,7 @@ const struct iwinfo_ops nl80211_ops = {
.mbssid_support = nl80211_get_mbssid_support,
.hwmodelist = nl80211_get_hwmodelist,
.htmodelist = nl80211_get_htmodelist,
+ .htmode = nl80211_get_htmode,
.mode = nl80211_get_mode,
.ssid = nl80211_get_ssid,
.bssid= nl80211_get_bssid,
--
2.24.0
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] toolchain/gcc: Backport patch to fix unconditional MULTIARCH_DIRNAME
Jeffery To [2019-12-19 19:50:41]: Hi, > On Tue, Nov 19, 2019 at 6:05 AM Jeffery To wrote: > > > This backports the patch for GCC PR target/89587 (gcc's rs6000 > > configuration unconditionally sets MULTIARCH_DIRNAME, even when > > multiarch is disabled). > > > > Can someone take a look at this change? This issue is preventing the Python > 3 package from compiling for apm821xx ( just added it to my staging tree and I'll push it once it passes some tests. -- ynezz ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] toolchain/gcc: Backport patch to fix unconditional MULTIARCH_DIRNAME
On Tue, Nov 19, 2019 at 6:05 AM Jeffery To wrote: > This backports the patch for GCC PR target/89587 (gcc's rs6000 > configuration unconditionally sets MULTIARCH_DIRNAME, even when > multiarch is disabled). > Can someone take a look at this change? This issue is preventing the Python 3 package from compiling for apm821xx ( https://github.com/openwrt/packages/issues/10552). Thanks, Jeff ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] iwinfo: add current hw and ht mode to info call
On 12/19/19 11:29 AM, Hauke Mehrtens wrote: > On 11/27/19 6:29 PM, Daniel Danzberger wrote: >> Signed-off-by: Daniel Danzberger >> --- >> iwinfo.c | 44 >> 1 file changed, 44 insertions(+) >> >> diff --git a/iwinfo.c b/iwinfo.c >> index a76b72a..7f46e3e 100644 >> --- a/iwinfo.c >> +++ b/iwinfo.c > > This file does not exist. This is the rpcd part of the patch. The file exists in the rpcd repository. > > Hauke > -- Regards Daniel Danzberger embeDD GmbH, Alter Postplatz 2, CH-6370 Stans ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 1/2] nl80211: add htmode to iwinfo_ops
On 11/27/19 6:29 PM, Daniel Danzberger wrote:
> This callback shows the currently active HTMODE of the device.
>
> Signed-off-by: Daniel Danzberger
> ---
> include/iwinfo.h | 4 ++-
> iwinfo_nl80211.c | 70
> 2 files changed, 73 insertions(+), 1 deletion(-)
>
> diff --git a/include/iwinfo.h b/include/iwinfo.h
> index d035c9c..5e64294 100644
> --- a/include/iwinfo.h
> +++ b/include/iwinfo.h
> @@ -88,8 +88,9 @@ enum iwinfo_htmode {
> IWINFO_HTMODE_VHT80 = (1 << 4),
> IWINFO_HTMODE_VHT80_80 = (1 << 5),
> IWINFO_HTMODE_VHT160 = (1 << 6),
> + IWINFO_HTMODE_NOHT = (1 << 7),
>
> - IWINFO_HTMODE_COUNT = 7
> + IWINFO_HTMODE_COUNT = 8
> };
>
> extern const char *IWINFO_HTMODE_NAMES[IWINFO_HTMODE_COUNT];
> @@ -231,6 +232,7 @@ struct iwinfo_ops {
> int (*mbssid_support)(const char *, int *);
> int (*hwmodelist)(const char *, int *);
> int (*htmodelist)(const char *, int *);
> + int (*htmode)(const char *, int *);
> int (*ssid)(const char *, char *);
> int (*bssid)(const char *, char *);
> int (*country)(const char *, char *);
> diff --git a/iwinfo_nl80211.c b/iwinfo_nl80211.c
> index 4b6ef91..36f1da2 100644
> --- a/iwinfo_nl80211.c
> +++ b/iwinfo_nl80211.c
> @@ -2958,6 +2958,75 @@ out:
> return -1;
> }
>
> +struct chan_info {
> + int width;
> + int mode;
> +};
> +
> +static int nl80211_get_htmode_cb(struct nl_msg *msg, void *arg)
> +{
> + struct nlattr **tb = nl80211_parse(msg);
> + struct nlattr *cur;
> + struct chan_info *chn = arg;
> +
> + if ((cur = tb[NL80211_ATTR_CHANNEL_WIDTH]))
> + chn->width = nla_get_u32(cur);
> +
> + if ((cur = tb[NL80211_ATTR_BSS_HT_OPMODE]))
> + chn->mode = nla_get_u32(cur);
> +
> + return NL_SKIP;
> +}
> +
> +static int nl80211_get_htmode(const char *ifname, int *buf)
> +{
> + struct chan_info chn = { .width = 0, .mode = 0 };
> + char *res;
> + int err;
> +
> + res = nl80211_phy2ifname(ifname);
> + *buf = 0;
> +
> + err = nl80211_request(res ? res : ifname,
> + NL80211_CMD_GET_INTERFACE, 0,
> + nl80211_get_htmode_cb, );
> + if (err)
> + return -1;
> +
> + switch (chn.width) {
> + case NL80211_CHAN_WIDTH_20_NOHT:
> + *buf = IWINFO_HTMODE_NOHT;
> + break;
> + case NL80211_CHAN_WIDTH_20:
> + if (chn.mode == -1)
> + *buf = IWINFO_HTMODE_VHT20;
> + else
> + *buf = IWINFO_HTMODE_HT20;
> + break;
> + case NL80211_CHAN_WIDTH_40:
> + if (chn.mode == -1)
> + *buf = IWINFO_HTMODE_VHT40;
> + else
> + *buf = IWINFO_HTMODE_HT40;
> + break;
> + case NL80211_CHAN_WIDTH_80:
> + *buf = IWINFO_HTMODE_VHT80;
> + break;
> + case NL80211_CHAN_WIDTH_80P80:
> + *buf = IWINFO_HTMODE_VHT80_80;
> + break;
> + case NL80211_CHAN_WIDTH_160:
> + *buf = IWINFO_HTMODE_VHT160;
> + break;
> + case NL80211_CHAN_WIDTH_5:
> + case NL80211_CHAN_WIDTH_10:
Should this also return IWINFO_HTMODE_NOHT ?
> + default:
> + break;
Why not return an error if nothing matches?
> + }
> +
> + return 0;
> +}
> +
> static int nl80211_get_htmodelist(const char *ifname, int *buf)
> {
> struct nl80211_modes m = { 0 };
> @@ -3147,6 +3216,7 @@ const struct iwinfo_ops nl80211_ops = {
> .mbssid_support = nl80211_get_mbssid_support,
> .hwmodelist = nl80211_get_hwmodelist,
> .htmodelist = nl80211_get_htmodelist,
> + .htmode = nl80211_get_htmode,
> .mode = nl80211_get_mode,
> .ssid = nl80211_get_ssid,
> .bssid= nl80211_get_bssid,
>
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] iwinfo: add current hw and ht mode to info call
On 11/27/19 6:29 PM, Daniel Danzberger wrote: > Signed-off-by: Daniel Danzberger > --- > iwinfo.c | 44 > 1 file changed, 44 insertions(+) > > diff --git a/iwinfo.c b/iwinfo.c > index a76b72a..7f46e3e 100644 > --- a/iwinfo.c > +++ b/iwinfo.c This file does not exist. Hauke ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] test
___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH fstools 2/3] libblkid: vfat: Fix reading labels which starts with byte 0x05
On Thursday 19 December 2019 09:30:30 Rafał Miłecki wrote:
> On Wed, 18 Dec 2019 at 12:44, Pali Rohár wrote:
> >
> > On Tuesday 17 December 2019 08:28:35 Rafał Miłecki wrote:
> > > From: Pali Rohár
> > >
> > > commit e526f503918cc29d8b1ccf36a5c3a34645d2be6e upstream.
> > >
> > > When FAT directory entry has leading byte 0x05 it is interpreted as byte
> > > 0xE5. This is how FAT stores file name which starts with byte 0xE5 as
> > > leading byte in 0xE5 in FAT directory entry means that file slot is empty.
> > >
> > > Fixes: #533
> > > ---
> > > libblkid-tiny/vfat.c | 2 ++
> > > 1 file changed, 2 insertions(+)
> > >
> > > diff --git a/libblkid-tiny/vfat.c b/libblkid-tiny/vfat.c
> > > index 49b865a..93e4053 100644
> > > --- a/libblkid-tiny/vfat.c
> > > +++ b/libblkid-tiny/vfat.c
> > > @@ -167,6 +167,8 @@ static unsigned char *search_fat_label(blkid_probe pr,
> > > if ((ent->attr & (FAT_ATTR_VOLUME_ID | FAT_ATTR_DIR)) ==
> > > FAT_ATTR_VOLUME_ID) {
> > > DBG(LOWPROBE, ul_debug("\tfound fs LABEL at entry
> > > %d", i));
> > > + if (ent->name[0] == 0x05)
> > > + ent->name[0] = 0xE5;
> > > return ent->name;
> > > }
> > > }
> >
> > Yes, this is my patch for util-linux project which was included in
> > upstream two years ago... It was part of my initiative to fix handling
> > of FAT labels in different Linux software, see for more details:
> > https://www.spinics.net/lists/kernel/msg2640891.html
> >
> > Do you need some help with FAT labels?
>
> No help needed as everything works correctly, thank you!
>
> As you can see vfat.c copy in OpenWrt's fstools project was quite
> outdated. Porting your fixes makes it work for me perfectly!
Ok.
--
Pali Rohár
pali.ro...@gmail.com
signature.asc
Description: PGP signature
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] test
___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH fstools 2/3] libblkid: vfat: Fix reading labels which starts with byte 0x05
On Wed, 18 Dec 2019 at 12:44, Pali Rohár wrote:
>
> On Tuesday 17 December 2019 08:28:35 Rafał Miłecki wrote:
> > From: Pali Rohár
> >
> > commit e526f503918cc29d8b1ccf36a5c3a34645d2be6e upstream.
> >
> > When FAT directory entry has leading byte 0x05 it is interpreted as byte
> > 0xE5. This is how FAT stores file name which starts with byte 0xE5 as
> > leading byte in 0xE5 in FAT directory entry means that file slot is empty.
> >
> > Fixes: #533
> > ---
> > libblkid-tiny/vfat.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/libblkid-tiny/vfat.c b/libblkid-tiny/vfat.c
> > index 49b865a..93e4053 100644
> > --- a/libblkid-tiny/vfat.c
> > +++ b/libblkid-tiny/vfat.c
> > @@ -167,6 +167,8 @@ static unsigned char *search_fat_label(blkid_probe pr,
> > if ((ent->attr & (FAT_ATTR_VOLUME_ID | FAT_ATTR_DIR)) ==
> > FAT_ATTR_VOLUME_ID) {
> > DBG(LOWPROBE, ul_debug("\tfound fs LABEL at entry
> > %d", i));
> > + if (ent->name[0] == 0x05)
> > + ent->name[0] = 0xE5;
> > return ent->name;
> > }
> > }
>
> Yes, this is my patch for util-linux project which was included in
> upstream two years ago... It was part of my initiative to fix handling
> of FAT labels in different Linux software, see for more details:
> https://www.spinics.net/lists/kernel/msg2640891.html
>
> Do you need some help with FAT labels?
No help needed as everything works correctly, thank you!
As you can see vfat.c copy in OpenWrt's fstools project was quite
outdated. Porting your fixes makes it work for me perfectly!
--
Rafał
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
