blob: add a magic offset to nesting cookies to ensure that NULL is never returned as a normal value

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
This commit is contained in:
Felix Fietkau 2013-10-16 01:22:02 +02:00
parent e9fb256ca5
commit 458c3937bc
3 changed files with 7 additions and 5 deletions

6
blob.c
View file

@ -40,14 +40,14 @@ blob_init(struct blob_attr *attr, int id, unsigned int len)
static inline struct blob_attr * static inline struct blob_attr *
offset_to_attr(struct blob_buf *buf, int offset) offset_to_attr(struct blob_buf *buf, int offset)
{ {
void *ptr = (char *)buf->buf + offset; void *ptr = (char *)buf->buf + offset - BLOB_COOKIE;
return ptr; return ptr;
} }
static inline int static inline int
attr_to_offset(struct blob_buf *buf, struct blob_attr *attr) attr_to_offset(struct blob_buf *buf, struct blob_attr *attr)
{ {
return (char *)attr - (char *) buf->buf; return (char *)attr - (char *) buf->buf + BLOB_COOKIE;
} }
void void
@ -65,7 +65,7 @@ static struct blob_attr *
blob_add(struct blob_buf *buf, struct blob_attr *pos, int id, int payload) blob_add(struct blob_buf *buf, struct blob_attr *pos, int id, int payload)
{ {
int offset = attr_to_offset(buf, pos); int offset = attr_to_offset(buf, pos);
int required = (offset + sizeof(struct blob_attr) + payload) - buf->buflen; int required = (offset - BLOB_COOKIE + sizeof(struct blob_attr) + payload) - buf->buflen;
struct blob_attr *attr; struct blob_attr *attr;
if (required > 0) { if (required > 0) {

2
blob.h
View file

@ -28,6 +28,8 @@
#include "utils.h" #include "utils.h"
#define BLOB_COOKIE 0x01234567
enum { enum {
BLOB_ATTR_UNSPEC, BLOB_ATTR_UNSPEC,
BLOB_ATTR_NESTED, BLOB_ATTR_NESTED,

View file

@ -195,7 +195,7 @@ blobmsg_new(struct blob_buf *buf, int type, const char *name, int payload_len, v
static inline int static inline int
attr_to_offset(struct blob_buf *buf, struct blob_attr *attr) attr_to_offset(struct blob_buf *buf, struct blob_attr *attr)
{ {
return (char *)attr - (char *) buf->buf; return (char *)attr - (char *) buf->buf + BLOB_COOKIE;
} }
@ -262,7 +262,7 @@ void *
blobmsg_realloc_string_buffer(struct blob_buf *buf, int maxlen) blobmsg_realloc_string_buffer(struct blob_buf *buf, int maxlen)
{ {
struct blob_attr *attr = blob_next(buf->head); struct blob_attr *attr = blob_next(buf->head);
int offset = attr_to_offset(buf, blob_next(buf->head)) + blob_pad_len(attr); int offset = attr_to_offset(buf, blob_next(buf->head)) + blob_pad_len(attr) - BLOB_COOKIE;
int required = maxlen - (buf->buflen - offset); int required = maxlen - (buf->buflen - offset);
if (required <= 0) if (required <= 0)