ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-21 20:08:24 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
9ce6aa9d8d
openwrt/package/system
History
Petr Štetiar cc344f1513 ubus: backport fixes for UAF and other issues 
Backporting following fixes:

 a72457b61df0 libubus: increase stack depth for processing obj msgs
 ef038488edc3 libubus: process pending messages in data handler if stack depth is 0
 2099bb3ad997 libubus: use list_empty/list_first_entry in ubus_process_pending_msg

where at least commit 2099bb3ad997 ("libubus: use
list_empty/list_first_entry in ubus_process_pending_msg") fixes UAF
issue I've introduced in commit c5f2053dfcfd ("workaround possibly false
positive uses of memory after it is freed") while fixing another false
positive UAF reported[1] by clang's static analyzer.

Those fixes are being used in master/21.02 for about 6 months, so should
be tested enough and considered for backporting. I've runtested those
fixes on mvebu/turris-omnia and ipq40xx/glinet-b1300 devices.

1. https://openwrt.gitlab.io/-/project/ubus/-/jobs/2096090992/artifacts/build/scan/2022-02-15-150310-70-1/index.html

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-02-21 07:41:05 +01:00
..
ca-certificates ca-certificates: update to version 20200601 2020-06-09 22:46:13 +02:00
fstools fstools: blockd: fix segfault triggered by non-autofs mounts 2020-05-12 13:24:23 +02:00
fwtool fwtool: do not omit final 16 byte when image does not contain signature 2019-10-17 17:08:09 +02:00
iucode-tool tools: add iucode-tool 2018-02-11 14:39:16 +01:00
mtd mtd: Activate LTO compile option 2019-11-30 00:18:40 +01:00
openwrt-keyring openwrt-keyring: Only copy sign key for 19.07 and 21.02 2021-05-16 15:34:49 +02:00
opkg opkg: update to latest git HEAD of branch openwrt-19.07 2021-02-03 22:37:31 +01:00
procd procd: turn error into debug message for missing ujail binary 2020-03-28 13:46:37 +01:00
rpcd rpcd: update to latest openwrt-19.07 Git HEAD 2020-05-26 17:29:09 +02:00
ubox ubox: fix init script validation of log_ip option 2021-05-28 15:26:31 +02:00
ubus ubus: backport fixes for UAF and other issues 2022-02-21 07:41:05 +01:00
ucert ucert: update to latest git HEAD 2020-05-24 17:04:48 +02:00
uci uci: Backport security fixes 2020-10-28 23:22:44 +01:00
urandom-seed base-files: move urandom seed bits into separate package 2019-07-22 09:53:01 +02:00
urngd urngd: update to version 2020-01-21 2020-01-21 20:03:43 +01:00
usign usign: update to latest git HEAD 2020-05-23 13:40:25 +02:00
zram-swap zram-swap: Add extra commands for status/compaction 2019-09-04 13:24:43 +02:00