[OpenWrt-Devel] [PATCH fstools] block: validate amount of arguments for the "autofs" command
Rafał Miłecki
zajec5 at gmail.com
Fri Dec 7 11:26:31 EST 2018
From: Rafał Miłecki <rafal at milecki.pl>
Using argv[3] without checking argc value could result in undefined
behavior. It could result in a crash or accessing a NULL that separates
argv from envp on UNIX.
Signed-off-by: Rafał Miłecki <rafal at milecki.pl>
---
block.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/block.c b/block.c
index 8972fdf..1edc9b8 100644
--- a/block.c
+++ b/block.c
@@ -1189,8 +1189,12 @@ static int main_autofs(int argc, char **argv)
blockd_notify(pr->dev, m, pr);
}
return 0;
+ } else {
+ if (argc < 4)
+ return -EINVAL;
+
+ return mount_action(argv[2], argv[3], TYPE_AUTOFS);
}
- return mount_action(argv[2], argv[3], TYPE_AUTOFS);
}
static int find_block_mtd(char *name, char *part, int plen)
--
2.13.7
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list