From patchwork Mon May 3 14:25:44 2021
X-Patchwork-Submitter: Stefano Babic
X-Patchwork-Id: 1473215
From: stefano.babic@babic.homelinux.org
To: swupdate@googlegroups.com
Cc: joerg.mohr@solectrix.de, Stefano Babic
Subject: [swupdate] [PATCH V2] BUG: buffer overflow with semantic version > 50
Date: Mon, 3 May 2021 16:25:44 +0200
Message-Id: <20210503142544.106348-1-stefano.babic@babic.homelinux.org>

From: Stefano Babic

SWUpdate accepts long version string up to SWUPDATE_GENERAL_STRING_SIZE (that is 255 bytes), but the semver library has a fixed buffer that was set to 50, causing a buffer overflow.

Set buffer for semver also to SWUPDATE_GENERAL_STRING_SIZE that is the maximum version's length.

Signed-off-by: Stefano Babic
Reported-by: Jörg Mohr
---
V2: bug reported by Jörg, added to commit message

core/semver.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/semver.c b/core/semver.c index 763e7a0..67fc786 100644 --- a/core/semver.c +++ b/core/semver.c @@ -10,8 +10,9 @@ #include #include #include "semver.h" +#include "globals.h" -#define SLICE_SIZE 50 +#define SLICE_SIZE SWUPDATE_GENERAL_STRING_SIZE #define DELIMITER "." #define PR_DELIMITER "-" #define MT_DELIMITER "+"
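
Review bot: the new "#define SLICE_SIZE SWUPDATE_GENERAL_STRING_SIZE" removes the size mismatch, but the hunk adds no length check where the SLICE_SIZE buffer is filled, so the parser is only safe as long as every caller caps its input at SWUPDATE_GENERAL_STRING_SIZE. Consider rejecting any input whose length is not below SLICE_SIZE at the point of the copy and returning an error, so the semver code does not rely on a limit enforced elsewhere. It is also worth confirming that a version string of the full maximum length still leaves room for the terminating NUL, since the commit message describes the buffer and the maximum version length as the same value. The added "#include "globals.h"" ties the semver source to SWUpdate's own headers; a one-line comment on the define explaining why the two sizes must match would help anyone who later resyncs this file.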