blob_parse expects blobs from trusted inputs, but it can be supplied
with possibly malicious blobs from untrusted inputs as well, which might
lead to undefined behaviour and/or crash of ubus daemon. In order to
prevent such conditions, switch to blob_parse_untrusted which should
hopefully handle such untrusted inputs appropriately.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
scan-build from clang-9 has reported following:
libubox/list.h:83:22: warning: Use of memory after it is freed
entry->next->prev = entry->prev;
^~~~~~~~~~~
ubusd_event.c:42:3: warning: Use of memory after it is freed
ubusd_delete_event_source(ev);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Which might be a false positives, but in order to make the code pass the
static analyzer checks, rewrite the while loops on lists with the safe
list iterator.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes following error reported by clang-9 analyzer:
libubus.c:286:19: error: incompatible pointer types assigning to 'struct blob_attr *' from 'char *' [-Werror,-Wincompatible-pointer-types]
ctx->msgbuf.data = (char *) calloc(UBUS_MSG_CHUNK_SIZE, sizeof(char));
Result of 'calloc' is converted to a pointer of type 'struct blob_attr',
which is incompatible with sizeof operand type 'char'.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
If a synchronous operation is executed on a ubus context after
uloop_done() has been called, the context's pending_timer
may remain in uloop's list of timeouts.
This leads to undefined behaviour during next execution of uloop
code, as it may be referring to unavailable memory or memory
that has been allocated for different purposes.
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Signed-off-by: Abhimanyu Vishwakarma <Abhimanyu.Vishwakarma@imgtec.com>
If the ubus_reconnect() call fails in ubus_connect_ctx(), the msgbuf.data
newly allocated buffer is freed, but its pointer in the ubus_context is not
removed.
This leads to a double free error if ubus_auto_shutdown() is called for cleanup
after ubus_auto_connect() failed to connect to ubusd.
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
At the moment, we do our own null checks before calling ubus_free().
The likely-hood of 'ctx' being null (in ubus_free()) is low,
but since free() handles null, might make sense for ubus_free() to do so as well.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Append ubus notification messages to the tail of the pending list
so they're processed in the order as they're put onto the pending list
Signed-off-by: Xinxing Hu <xinxing.huchn@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
ubus_connect_ctx() is equivalent to ubus_connect() but accepts a
pointer to a previously allocated ubus_context struct.
ubus_shutdown() is made available as an alternative to ubus_free()
to clean up contexts initialised by ubus_connect_ctx().
Signed-off-by: Delio Brignoli <dbrignoli@audioscience.com>
This fixes recursion problems on config reload in netifd and simplifies
application handling of requests
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
rename the ADD_WATCH/REMOVE_WATCH messages to SUBSCRIBE/UNSUBSCRIBE and change
the message format and libubus API in preparation for adding object notifications
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
