fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-27 15:10:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src
History
Evgeny Vereshchagin 5b140a77bc dhcp6: fix an off-by-one error in dhcp6_option_parse_domainname 
==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200055fa9c at pc 0x0000005458f1 bp 0x7ffc78940d90 sp 0x7ffc78940d88
READ of size 1 at 0x60200055fa9c thread T0
    #0 0x5458f0 in dhcp6_option_parse_domainname /work/build/../../src/systemd/src/libsystemd-network/dhcp6-option.c:555:29
    #1 0x54706e in dhcp6_lease_set_domains /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-lease.c:242:13
    #2 0x53fce0 in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:984:29
    #3 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
    #4 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
    #5 0x7f0f7159deee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
    #6 0x7f0f7159d431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
    #7 0x7f0f7159ea8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
    #8 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
    #9 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
    #10 0x57bec8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
    #11 0x579d67 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
    #12 0x57dc92 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
    #13 0x580ca6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
    #14 0x55e968 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #15 0x551a1c in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #16 0x7f0f701a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #17 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)

https://github.com/systemd/systemd/pull/10200
b387d3c132
(cherry picked from commit 7cb7cffc49)
(cherry picked from commit cd3aacefdd)
2018-10-29 16:31:36 +01:00
..
devices core: fix route metric set to -1 on DHCP renewal 2018-10-23 10:18:24 +02:00
dhcp dhcp: allowing changing route metric and route table 2018-09-12 09:52:04 +02:00
dns dns: dnsmasq: avoid crash when no reverse domains exist 2018-09-13 15:09:08 +02:00
dnsmasq build: use default NM_BUILD_* defines for tests 2018-05-31 15:59:38 +02:00
ndisc ndisc: mark a keep-alive variable unused 2018-10-22 18:25:09 +02:00
platform platform/netlink: fix overrun in attribute iteration in nla_ok() 2018-10-10 12:17:13 +02:00
ppp ppp: cleanup logging in impl_ppp_manager_set_ifindex() 2018-10-04 20:50:22 +02:00
settings settings-connection: don't expect system_secrets always present 2018-06-22 16:46:05 +02:00
supplicant wifi: support hidden ssid in AP mode 2018-09-27 14:16:37 +02:00
systemd dhcp6: fix an off-by-one error in dhcp6_option_parse_domainname 2018-10-29 16:31:36 +01:00
tests all: replace systemd's siphash24 with c-siphash 2018-05-31 15:59:38 +02:00
vpn vpn: disconnect signal handlers from proxy in NMVpnConnection::dispose() 2018-09-14 15:25:06 +02:00
main-utils.c all: use nm_close() instead of close() 2017-11-14 15:10:42 +01:00
main-utils.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
main.c main: warn about invalid logging domains configuration using nm-log 2018-06-27 09:21:33 +02:00
meson.build meson: distinguish arch specific and arch neutral lib dir 2018-05-09 12:59:39 +02:00
NetworkManagerUtils.c core: add nm_shutdown_register_watchdog() for marking object to wait for shutdown 2018-05-25 12:35:49 +02:00
NetworkManagerUtils.h core: add and use NM_SHUTDOWN_TIMEOUT_MS as duration that we plan for shutdown 2018-05-25 12:35:49 +02:00
nm-act-request.c shared: drop duplicate c-list.h header 2018-04-18 15:22:14 +02:00
nm-act-request.h core: specify an activation reason for active connections 2018-04-08 09:40:14 +02:00
nm-active-connection.c active-connection: fix build with clang-6.0 2018-05-21 12:02:26 +02:00
nm-active-connection.h core: rework passing user-data to nm_active_connection_authorize() 2018-04-24 09:03:39 +02:00
nm-audit-manager.c all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-audit-manager.h checkpoint: allow resetting the rollback timeout via D-Bus 2018-04-04 14:02:13 +02:00
nm-auth-manager.c auth-manager: use the correct function to deallocate a GError 2018-05-02 14:55:01 +02:00
nm-auth-manager.h auth-manager: add helper function nm_auth_call_result_eval() 2018-04-13 09:09:46 +02:00
nm-auth-subject.c auth-subject: minor cleanup of _new_unix_process() 2018-04-16 16:03:14 +02:00
nm-auth-subject.h all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-auth-utils.c core: add nm_auth_is_subject_in_acl_set_error() helper 2018-04-18 07:55:15 +02:00
nm-auth-utils.h core: add nm_auth_is_subject_in_acl_set_error() helper 2018-04-18 07:55:15 +02:00
nm-checkpoint-manager.c checkpoint: fix D-Bus operation to destroy checkpoint 2018-05-03 14:38:10 +02:00
nm-checkpoint-manager.h checkpoint: allow resetting the rollback timeout via D-Bus 2018-04-04 14:02:13 +02:00
nm-checkpoint.c core: specify an activation reason for active connections 2018-04-08 09:40:14 +02:00
nm-checkpoint.h checkpoint: allow resetting the rollback timeout via D-Bus 2018-04-04 14:02:13 +02:00
nm-config-data.c all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-config-data.h all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-config.c all: use the elvis operator wherever possible 2018-05-10 14:36:58 +02:00
nm-config.h core: use define for configuration name "wifi.scan-rand-mac-address" 2017-12-27 09:18:54 +01:00
nm-connectivity.c connectivity: fix crash when removing easy-handle from curl callback 2018-09-17 18:23:29 +02:00
nm-connectivity.h connectivity: fix crash when removing easy-handle from curl callback 2018-09-17 18:23:29 +02:00
nm-core-utils.c device: handle failure in generate_duid_from_machine_id() in dhcp6_get_duid() 2018-06-12 14:45:40 +02:00
nm-core-utils.h libnm-core: add ipv6.dhcp-duid property 2018-06-08 18:23:31 +02:00
nm-dbus-manager.c core/dbus: stop NMDBusManager and reject future method calls 2018-04-24 10:25:26 +02:00
nm-dbus-manager.h core/dbus: stop NMDBusManager and reject future method calls 2018-04-24 10:25:26 +02:00
nm-dbus-object.c core/dbus: stop NMDBusManager and reject future method calls 2018-04-24 10:25:26 +02:00
nm-dbus-object.h core/dbus: stop NMDBusManager and reject future method calls 2018-04-24 10:25:26 +02:00
nm-dbus-utils.c core: don't explicitly set D-Bus path properties to "/" 2018-04-18 07:55:15 +02:00
nm-dbus-utils.h core/dbus: stop NMDBusManager and reject future method calls 2018-04-24 10:25:26 +02:00
nm-dcb.c build: don't add subdirectories to include search path but require qualified include 2016-11-21 14:26:37 +01:00
nm-dcb.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-dhcp4-config.c core: sort DHCP options that are exported on D-Bus 2018-04-23 15:43:39 +02:00
nm-dhcp4-config.h core: refactor private data in "src" 2016-10-04 09:50:56 +02:00
nm-dhcp6-config.c core: sort DHCP options that are exported on D-Bus 2018-04-23 15:43:39 +02:00
nm-dhcp6-config.h core: refactor private data in "src" 2016-10-04 09:50:56 +02:00
nm-dispatcher.c all: use the elvis operator wherever possible 2018-05-10 14:36:58 +02:00
nm-dispatcher.h all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-firewall-manager.c all: use the elvis operator wherever possible 2018-05-10 14:36:58 +02:00
nm-firewall-manager.h firewall: merge "started" signal and "available" property 2017-04-21 09:09:01 +02:00
nm-hostname-manager.c core,cli: replace wrong pattern for clearing GError 2017-06-27 09:42:28 +02:00
nm-hostname-manager.h hostname: cache hostname-manager's hostname property 2017-05-12 17:29:33 +02:00
nm-iface-helper.c device: emit IP address changes in queued_ip_config_change() only once 2018-06-29 16:43:10 +02:00
nm-ip4-config.c core: handle route metric when reapplying dynamic IP methods 2018-09-12 09:52:06 +02:00
nm-ip4-config.h core: handle route metric when reapplying dynamic IP methods 2018-09-12 09:52:06 +02:00
nm-ip6-config.c core: handle route metric when reapplying dynamic IP methods 2018-09-12 09:52:06 +02:00
nm-ip6-config.h core: handle route metric when reapplying dynamic IP methods 2018-09-12 09:52:06 +02:00
nm-logging.c logging: warn about invalid logging backends and drop "debug" backend 2018-06-27 09:21:33 +02:00
nm-logging.h logging: warn about invalid logging backends and drop "debug" backend 2018-06-27 09:21:33 +02:00
nm-manager.c manager: don't update ifindex of existing devices 2018-09-05 17:18:52 +02:00
nm-manager.h all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-netns.c all: get rid of a handful of unused-but-set variables 2017-12-18 13:29:32 +01:00
nm-netns.h core: rework handling of default-routes and drop NMDefaultRouteManager 2017-09-08 11:11:21 +02:00
nm-pacrunner-manager.c all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-pacrunner-manager.h proxy: introduce call-id for clearing pacmanager configuration 2017-04-23 18:12:09 +02:00
nm-policy.c policy: log connection UUID for auto-activation 2018-06-11 09:44:05 +02:00
nm-policy.h policy: add support to configurable hostname mode 2017-03-24 15:18:09 +01:00
nm-proxy-config.c proxy: reorder parts in nm-proxy-config.c and nm-pacrunner-manager.c 2016-10-04 11:58:32 +02:00
nm-proxy-config.h proxy: remove unnecessary APIs 2016-10-04 11:44:44 +02:00
nm-rfkill-manager.c all: use the elvis operator wherever possible 2018-05-10 14:36:58 +02:00
nm-rfkill-manager.h core: refactor private data in "src" 2016-10-04 09:50:56 +02:00
nm-session-monitor.c session-monitor: avoid an assertion failure if there's no session monitor 2018-05-09 12:59:08 +02:00
nm-session-monitor.h core: refactor private data in "src" 2016-10-04 09:50:56 +02:00
nm-sleep-monitor.c all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-sleep-monitor.h core: refactor private data in "src" 2016-10-04 09:50:56 +02:00
nm-test-utils-core.h all: remove consecutive empty lines 2018-04-30 16:24:52 +02:00
nm-types.h core: add activation-reasons for external/assume connections 2018-04-30 16:36:29 +02:00
org.freedesktop.NetworkManager.conf all: replace "it's" with "its" where needed 2018-04-18 14:14:07 +02:00