--- /dev/null
+Date: Sat, 19 Feb 2022 08:51:28 +0100
+Subject: alfred: Ensure processed change_iface packet is 0-terminated
+
+A client sending a alfred_change_interface_v0 packet to the alfred server
+might have forgotten to 0-terminate the string. In this case, strstr in
+unix_sock_change_iface might read outside of the available buffer.
+
+Origin: upstream, https://git.open-mesh.org/alfred.git/commit/d2d27e4b9d697928d21dfa5c79908618ef8b56ac
+
+--- a/unix_sock.c
++++ b/unix_sock.c
+@@ -329,6 +329,8 @@ unix_sock_change_iface(struct globals *g
+ if (len < (int)(sizeof(*change_iface) - sizeof(change_iface->header)))
+ goto err;
+
++ change_iface->ifaces[sizeof(change_iface->ifaces) - 1] = '\0';
++
+ if (globals->opmode == OPMODE_SECONDARY) {
+ if (strstr(change_iface->ifaces, ",") != NULL) {
+ ret = -EINVAL;
--- /dev/null
+Date: Sat, 19 Feb 2022 08:51:28 +0100
+Subject: alfred: Ensure processed change_bat_iface packet is 0-terminated
+
+A client sending a alfred_change_bat_iface_v0 packet to the alfred server
+might have forgotten to 0-terminate the string. In this case, strdup in
+alfred_change_bat_iface_v0 might read outside of the available buffer.
+
+Fixes: b96cc742ef3e ("alfred: introduce 'change batman-adv interface' IPC call")
+Origin: upstream, https://git.open-mesh.org/alfred.git/commit/6beca03bdafd24cc46b4aa7ff2b87612471bdab0
+
+--- a/unix_sock.c
++++ b/unix_sock.c
+@@ -360,6 +360,7 @@ unix_sock_change_bat_iface(struct global
+ goto err;
+
+ free(globals->mesh_iface);
++ change_bat_iface->bat_iface[sizeof(change_bat_iface->bat_iface) - 1] = '\0';
+ globals->mesh_iface = strdup(change_bat_iface->bat_iface);
+
+ ret = 0;
projects / feed / routing.git / commitdiff