!
Regards,
Juraj
On Mon, Jan 20, 2020 at 12:09 PM Petr Štetiar wrote:
>
> Juraj Vijtiuk [2020-01-14 22:11:18]:
>
> Hi,
>
> I just sent v2 for review[2], can you check it please?
>
> > > > @@ -191,7 +197,11 @@ int blobmsg_parse(const struct blobmsg_policy
Hello,
On Sun, Jan 12, 2020 at 01:09:57PM +0100, Petr Štetiar wrote:
> > @@ -35,10 +35,16 @@ static bool blobmsg_check_name(const struct blob_attr
> > *attr, size_t len, bool na
> > char *limit = (char *) attr + len;
> > const struct blobmsg_hdr *hdr;
> >
> > + if (len < sizeof(struct b
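Review bot: in blobmsg_check_name the new `if (len < sizeof(struct b…` test sits after the declaration `char *limit = (char *) attr + len;`, so `limit` is already derived from the unchecked `len` by the time the test runs. That is harmless as long as nothing dereferences `attr` or `limit` before the test, but a one-line comment on the new check saying which minimum size it enforces would make the ordering deliberate for later readers. The condition is cut off in this copy, so the bound itself is not visible to review.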
ed only the start of the blobmsg_hdr struct,
and blobmsg_hdr name was empty. The bugs were discovered by fuzzing
blobmsg_parse and blobmsg_array_parse with LibFuzzer.
Signed-off-by: Juraj Vijtiuk
CC: Luka Perkov
diff --git a/blobmsg.c b/blobmsg.c
index 1dd57e1..0988f60 100644
--- a/blobmsg.c
+++