fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-24 18:20:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

lldp: backslash escape untrusted chassis-id,port-id strings

Browse source 
This is a serious issue, because this is not guaranteed to be UTF-8
data.

Fixes: 07a9364d9c ('device: export list of LLDP neighbors through D-Bus')
This commit is contained in:
Thomas Haller 2020-06-08 16:55:40 +02:00
parent 2b52b003f8
commit 8cd9b87c91
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/devices/nm-lldp-listener.c
View file

@ -522,7 +522,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
case SD_LLDP_CHASSIS_SUBTYPE_INTERFACE_NAME:
case SD_LLDP_CHASSIS_SUBTYPE_LOCALLY_ASSIGNED:
case SD_LLDP_CHASSIS_SUBTYPE_CHASSIS_COMPONENT:
neigh->chassis_id = g_strndup ((const char *) chassis_id, chassis_id_len);
neigh->chassis_id = nm_utils_buf_utf8safe_escape_cp (chassis_id, chassis_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
?: g_new0 (char, 1);
break;
case SD_LLDP_CHASSIS_SUBTYPE_MAC_ADDRESS:
neigh->chassis_id = nm_utils_hwaddr_ntoa (chassis_id, chassis_id_len);
@ -538,7 +539,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
case SD_LLDP_PORT_SUBTYPE_INTERFACE_NAME:
case SD_LLDP_PORT_SUBTYPE_LOCALLY_ASSIGNED:
case SD_LLDP_PORT_SUBTYPE_PORT_COMPONENT:
neigh->port_id = strndup ((char *) port_id, port_id_len);
neigh->port_id = nm_utils_buf_utf8safe_escape_cp (port_id, port_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
?: g_new0 (char, 1);
break;
case SD_LLDP_PORT_SUBTYPE_MAC_ADDRESS:
neigh->port_id = nm_utils_hwaddr_ntoa (port_id, port_id_len);