mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-06 13:09:50 +00:00
Code Issues Releases Activity
30740f45ce
freebsd/sys/contrib
History
Mariusz Zaborski 30740f45ce The nvlist_move_nvpair() function can fail in two cases, if: 
- the nvlist error is set, or
- the nvlist case ignore flag is not set and there is attend to
  add element with duplicated name.
In both cases the nvlist_move_nvpair() function free nvpair structure.
If library will try to unpack a binary blob which contains duplicated
names it will end up with using memory after free.

To prevent that, the nvlist_move_nvpair() function interface is changed
to report about failure and checks are added to the nvpair_xunpack()
function.

Discovered thanks to the american fuzzy lop.

Approved by:	pjd (mentor)
2015-08-11 18:01:10 +00:00
..
alpine-hal Import Annapurna Labs Alpine HAL to sys/contrib/ 2015-07-28 14:20:33 +00:00
cloudabi Import the latest CloudABI system call definitions and table. 2015-08-05 13:09:46 +00:00
dev Import OpenBSD's iwm WiFi driver for Intel 3160/7260/7265. 2015-08-08 06:06:48 +00:00
ipfilter/netinet CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
libfdt
libnv The nvlist_move_nvpair() function can fail in two cases, if: 2015-08-11 18:01:10 +00:00
ngatm Fix the following -Werror warning from clang 3.5.0, while building 2014-11-19 07:47:37 +00:00
octeon-sdk
rdma/krping Update the infiniband stack to Mellanox's OFED version 2.1. 2015-02-17 08:40:27 +00:00
v4l
vchiq/interface CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
x86emu Sync with OpenBSD: Use volatile instead of __volatile__. 2015-04-13 20:23:46 +00:00
xz-embedded