fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-31 20:40:18 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src
History
Evgeny Vereshchagin 86391f2741 dhcp6: fix an off-by-one error in dhcp6_option_parse_domainname 
==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200055fa9c at pc 0x0000005458f1 bp 0x7ffc78940d90 sp 0x7ffc78940d88
READ of size 1 at 0x60200055fa9c thread T0
    #0 0x5458f0 in dhcp6_option_parse_domainname /work/build/../../src/systemd/src/libsystemd-network/dhcp6-option.c:555:29
    #1 0x54706e in dhcp6_lease_set_domains /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-lease.c:242:13
    #2 0x53fce0 in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:984:29
    #3 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
    #4 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
    #5 0x7f0f7159deee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
    #6 0x7f0f7159d431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
    #7 0x7f0f7159ea8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
    #8 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
    #9 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
    #10 0x57bec8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
    #11 0x579d67 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
    #12 0x57dc92 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
    #13 0x580ca6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
    #14 0x55e968 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #15 0x551a1c in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #16 0x7f0f701a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #17 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)

https://github.com/systemd/systemd/pull/10200
b387d3c132
(cherry picked from commit 7cb7cffc49)
(cherry picked from commit cd3aacefdd)
(cherry picked from commit 5b140a77bc)
(cherry picked from commit 0f25f47767)
(cherry picked from commit c13e43979e)
(cherry picked from commit b7b2c8ad38)
2018-10-29 21:18:43 +01:00
..
devices wifi: fix leaking fake AP in NMDeviceWifi's act_stage1_prepare() 2018-09-13 16:31:21 +02:00
dhcp-manager dhcp: fix leak in dhclient's dhclient_start() 2018-09-10 14:40:28 +02:00
dns-manager all: use O_CLOEXEC for file descriptors 2016-12-15 17:52:33 +01:00
dnsmasq-manager all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
platform platform: filter out invisible links for cache lookup by name 2017-03-09 15:22:54 +01:00
ppp-manager ppp: only request IPV6CP when IPv6 is enabled in the connection 2017-03-22 08:26:28 -05:00
rdisc core: use _NM_GET_PRIVATE() macros 2016-09-08 00:26:14 +02:00
settings build: fix type on Makefile.am 2017-04-20 15:54:57 +02:00
supplicant-manager device/wifi: drop messing with wpa-supplicant's support for MAC address randomization 2017-02-07 14:39:40 +01:00
systemd dhcp6: fix an off-by-one error in dhcp6_option_parse_domainname 2018-10-29 21:18:43 +01:00
tests all: use O_CLOEXEC for file descriptors 2016-12-15 17:52:33 +01:00
vpn-manager vpn: add device route to VPN gateway if parent has no gateway 2017-01-07 15:07:29 +01:00
main-utils.c all: use O_CLOEXEC for file descriptors 2016-12-15 17:52:33 +01:00
main-utils.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
main.c config: refactor change-flags to be a cause/reason which triggered the change 2016-06-01 19:06:34 +02:00
Makefile.am dhcp: add new header "nm-dhcp-helper-api.h" 2016-09-08 00:26:14 +02:00
NetworkManager.ver build: export _IO_stdin_used symbol in NetworkManager.ver 2016-08-28 16:56:25 +02:00
NetworkManagerUtils.c device: fix nm_utils_match_connection() for NMSettingInfiniband:mac-address 2016-09-22 16:49:15 +02:00
NetworkManagerUtils.h utils: inject platform into nm_utils_complete_generic() 2016-03-15 12:56:58 +01:00
nm-activation-request.c act-request: queue failing the slave when master fails 2016-08-17 15:36:05 +02:00
nm-activation-request.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-active-connection.c core: use define for signal name in nm_active_connection_set_device() 2016-08-22 16:25:33 +02:00
nm-active-connection.h active-connection: add parent active connection tracking 2016-03-26 11:31:18 +01:00
nm-audit-manager.c checkpoint: add audit support 2016-08-17 14:55:34 +02:00
nm-audit-manager.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-auth-manager.c auth: downgrade g_assert() to nm_assert() 2016-04-05 10:39:20 +02:00
nm-auth-manager.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-auth-subject.c core: use _NM_GET_PRIVATE() macros 2016-09-08 00:26:14 +02:00
nm-auth-subject.h auth: embed private data NMAuthSubjectPrivate in NMAuthSubject struct 2016-05-12 10:24:36 +02:00
nm-auth-utils.c core: fix builds without polkit support 2016-08-17 11:28:55 +02:00
nm-auth-utils.h all: move NM_AUTH_PERMISSION_* defines to "nm-common-macros.h" header 2016-06-01 19:06:35 +02:00
nm-bus-manager.c bus-manager: don't leak connections 2017-10-15 10:29:19 +02:00
nm-bus-manager.h core: check valid uid for D-Bus load_connection(s)/set_logging calls 2016-08-23 11:24:19 +02:00
nm-checkpoint-manager.c checkpoint: add create, rollback and destroy D-Bus API 2016-08-17 14:55:34 +02:00
nm-checkpoint-manager.h checkpoint: add create, rollback and destroy D-Bus API 2016-08-17 14:55:34 +02:00
nm-checkpoint.c core: use _NM_GET_PRIVATE() macros 2016-09-08 00:26:14 +02:00
nm-checkpoint.h checkpoint: add create, rollback and destroy D-Bus API 2016-08-17 14:55:34 +02:00
nm-config-data.c config: make "ignore-carrier" a per-device configuration option 2016-06-30 08:27:17 +02:00
nm-config-data.h config: add support for per-device configuration to NetworkManager.conf 2016-06-30 08:07:35 +02:00
nm-config.c device: treat fake permanent MAC address mostly like a real one 2016-11-03 12:24:01 +01:00
nm-config.h config: make "ignore-carrier" a per-device configuration option 2016-06-30 08:27:17 +02:00
nm-connectivity.c nm-dispatcher: Added new 'connectivity-state' parameter to private D-Bus API 2016-07-28 22:22:14 +02:00
nm-connectivity.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-core-utils.c all: use O_CLOEXEC for file descriptors 2016-12-15 17:52:33 +01:00
nm-core-utils.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-dcb.c all: cleanup includes and let "nm-default.h" include "config.h" 2016-02-19 17:53:25 +01:00
nm-dcb.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-default-route-manager.c default-route-manager: decryptify logging line for default-route-manager 2017-04-03 13:30:50 +02:00
nm-default-route-manager.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-dhcp4-config.c all: cleanup includes and let "nm-default.h" include "config.h" 2016-02-19 17:53:25 +01:00
nm-dhcp4-config.h core: port NMDhcp4Config/NMDhcp6Config to GVariant 2015-07-24 13:25:47 -04:00
nm-dhcp6-config.c all: cleanup includes and let "nm-default.h" include "config.h" 2016-02-19 17:53:25 +01:00
nm-dhcp6-config.h core: port NMDhcp4Config/NMDhcp6Config to GVariant 2015-07-24 13:25:47 -04:00
nm-dispatcher.c nm-dispatcher: Added new 'connectivity-state' parameter to private D-Bus API 2016-07-28 22:22:14 +02:00
nm-dispatcher.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-exported-object.c exported-object: use _NMLOG2() macro for logging property-changed signal 2016-09-02 20:17:42 +02:00
nm-exported-object.h build: cleanup src/Makefile.am 2016-08-11 11:54:18 +02:00
nm-firewall-manager.c core: use defines for signal names in NMDnsManager and NMFirewallManager 2016-04-04 16:48:10 +02:00
nm-firewall-manager.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-iface-helper.c dbus: fix emitting D-Bus NetworkManager's old-style PropertiesChange signal 2016-09-02 20:17:42 +02:00
nm-ip4-config.c ip4-config: sort addresses only when reading the property value 2016-12-09 14:18:56 +01:00
nm-ip4-config.h ip4-config: sort addresses only when reading the property value 2016-12-09 14:18:56 +01:00
nm-ip6-config.c ip6-config: sort addresses only when reading the property value 2016-12-09 14:30:57 +01:00
nm-ip6-config.h ip6-config: add nm_ip6_config_set_privacy() 2016-12-09 14:30:46 +01:00
nm-logging.c logging: don't round subsecond part in logging timestamp 2016-09-08 00:26:14 +02:00
nm-logging.h logging: remove LOGD_HW alias for LOGD_PLATFORM 2016-11-03 12:23:07 +01:00
nm-manager.c device: fix restricting Generic connection by interface-name 2017-04-26 21:14:13 +02:00
nm-manager.h ifcfg-rh: write the master device name even if the master property is an UUID 2017-01-12 19:08:31 +01:00
nm-multi-index.c libnm,core: fix syntax of 'transfer' annotation 2016-02-24 17:23:01 +01:00
nm-multi-index.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-policy.c policy: fix memleak in lookup_callback() and cancelling 2017-05-02 18:30:09 +02:00
nm-policy.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-rfkill-manager.c logging: remove LOGD_HW alias for LOGD_PLATFORM 2016-11-03 12:23:07 +01:00
nm-rfkill-manager.h core: use #define for "rfkill-changed" signal name 2016-08-23 11:46:28 +02:00
nm-route-manager.c core/trivial: rename "source" field of addresses and routes 2016-04-28 12:53:21 +02:00
nm-route-manager.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-session-monitor.c session-monitor: fix parsing of ConsoleKit database 2016-10-13 09:48:45 +02:00
nm-session-monitor.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-sleep-monitor.c sleep-monitor: add functions for delaying the suspension 2016-05-13 14:34:53 +02:00
nm-sleep-monitor.h all: cleanup includes in header files 2016-08-17 19:51:17 +02:00
nm-test-utils-core.h shared: move shared files to subdirectory "shared/nm-utils/" 2016-06-16 10:45:53 +02:00
nm-types.h platform/trivial: rename NM_LINK_TYPE_WWAN_ETHERNET to NM_LINK_TYPE_WWAN_NET 2016-06-17 11:00:10 +02:00
org.freedesktop.NetworkManager.conf dns: use DBus to make dnsmasq nameserver changes 2016-04-21 15:32:07 +02:00