This extends the blob_parse() function to check that no inner attribute
is bigger than the outside attribute. The blob_parse_untrusted() should
be used when we know the size of blob_attr *attr, in some other way.
Signed-off-by: Hauke Mehrtens <ha...@hauke-m.de>
---
blob.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/blob.c b/blob.c
index 528e717..0ed6c80 100644
--- a/blob.c
+++ b/blob.c
@@ -295,9 +295,10 @@ blob_parse(struct blob_attr *attr, struct blob_attr
**data, const struct blob_at
struct blob_attr *pos;
int found = 0;
size_t rem;
+ size_t len = blob_raw_len(attr);
memset(data, 0, sizeof(struct blob_attr *) * max);
- blob_for_each_attr(pos, attr, rem) {
+ blob_for_each_attr_len(pos, attr, len, rem) {
found += blob_parse_attr(pos, rem, data, info, max);
}
--
2.20.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
