Commit graph

30 commits

Author SHA1 Message Date
Petr Štetiar
a1523d76b0 fix blob parsing vulnerability by using blob_parse_untrusted
blob_parse expects blobs from trusted inputs, but it can be supplied
with possibly malicious blobs from untrusted inputs as well, which might
lead to undefined behaviour and/or crash of ubus daemon. In order to
prevent such conditions, switch to blob_parse_untrusted which should
hopefully handle such untrusted inputs appropriately.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-19 19:53:25 +01:00
Petr Štetiar
c5f2053dfc workaround possibly false positive uses of memory after it is freed
scan-build from clang-9 has reported following:

 libubox/list.h:83:22: warning: Use of memory after it is freed
        entry->next->prev = entry->prev;
                            ^~~~~~~~~~~

 ubusd_event.c:42:3: warning: Use of memory after it is freed
                ubusd_delete_event_source(ev);
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Which might be a false positives, but in order to make the code pass the
static analyzer checks, rewrite the while loops on lists with the safe
list iterator.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-19 11:18:07 +01:00
Petr Štetiar
d2e026a33d iron out all extra compiler warnings
clang-9 on x86/64 has reported following warnings/errors:

 libubus-acl.c:123:2: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 libubus-io.c:108:18: error: comparison of integers of different signs: 'int' and 'size_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
 libubus-io.c:395:56: error: comparison of integers of different signs: 'ssize_t' (aka 'long') and 'size_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
 libubus-req.c:441:4: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:119:18: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd_acl.c:152:5: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:348:3: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:352:3: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:357:3: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:362:3: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:367:3: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]
 ubusd_acl.c:447:16: error: comparison of integers of different signs: 'int' and '__size_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
 ubusd_acl.c:502:18: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd.c:123:13: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd.c:170:15: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd.c:262:43: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd.c:287:30: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd_event.c:170:18: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
 ubusd_obj.c:71:2: error: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Werror,-Wsign-compare]

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-16 23:39:16 +01:00
Felix Fietkau
40e0931e70 libubus: pass an empty UBUS_ATTR_DATA block if msg is NULL on invoke
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-26 15:20:40 +02:00
Felix Fietkau
884be45162 libubus: check for non-NULL data before running callbacks
UBUS_MSG_INVOKE and UBUS_MSG_DATA can be sent without UBUS_ATTR_DATA
present. Most ubus users assume that the msg argument passed can never
be NULL, so this change prevents a crash

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-25 10:45:34 +02:00
John Crispin
24ffe9b582 libubus-req: add data_cb callback handling for ubus notifications
Signed-off-by: John Crispin <john@phrozen.org>
2017-11-06 08:23:08 +01:00
Felix Fietkau
91acde66b9 libubus: do not modify uloop_cancelled
uloop_cancelled was used for two purposes within ubus_complete_request:
- interrupting recursive requests on SIGINT/SIGTERM
- breaking out of the poll loop in a recursive request that completed

Saving/restorung uloop_cancelled was buggy, leading to SIGTERM not being
processed properly. Simplify the logic by using a separate field for
internal use

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-03 18:39:15 +01:00
Felix Fietkau
6f4e11e1db libubus: do not register/unregister with uloop during sync requests
This was leftover code from before this codepath was converted to
polling directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-22 14:39:34 +01:00
Felix Fietkau
cd82f9758d libubus: move uloop_init() call to ubus_connect_ctx
uloop should not be used before it is initialized

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-22 14:28:49 +01:00
Felix Fietkau
d5fabacba1 libubus: reduce code duplication, fix indentation
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-24 14:35:58 +01:00
amine ahd
df088f03c0 Allow sending a fd along a ubus_request
Signed-off-by: amine.ahd <amine.ahd@gmail.com>
2016-12-24 14:31:04 +01:00
Felix Fietkau
635ada4251 libubus: add socket EOF handling to ubus_complete_request()
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-12-09 18:35:07 +01:00
Felix Fietkau
44a62711e0 libubus: add monitor support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-19 22:32:25 +01:00
Felix Fietkau
2d660c519d libubus: fix processing queued messages after blocking requests
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-01-22 13:30:20 +01:00
Alexandru Ardelean
e52db46c9c libubus: restore uloop_cancelled on timeout
Context: 1 loop with a single ubus_invoke() that times out calls
uloop_end() which ends the loop, and thus ends the application.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-09-15 15:48:54 +02:00
Felix Fietkau
3e45a782b2 libubus: remove ubus_msghdr_data() by passing in the right data structure pointer
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-09-15 15:33:27 +02:00
Alexandru Ardelean
f47005a44c libubus: fix ubus_invoke() to return err in case ubus_start_request() fails
Seems the UBUS_MAX_MSGLEN is ignored by ubus_invoke(),
and then segfault happens.

This issue is present before this set of patches.
2014-07-03 12:46:44 +02:00
Felix Fietkau
3869e0ca07 libubus: fix deferring invoke processing for non-uloop usage
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-06-25 10:24:27 +02:00
Felix Fietkau
bbd3fbc9cc libubus: always defer processing incoming invoke/unsubscribe/notify if there is a request pending
This fixes recursion problems on config reload in netifd and simplifies
application handling of requests

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-06-24 22:34:53 +02:00
Felix Fietkau
1d5ac421a5 libubus: do not use uloop_run() inside ubus_complete_request
Avoid unrelated uloop callbacks by using poll() on the ubus fd instead.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-03-18 22:36:38 +01:00
Felix Fietkau
47a9ab0c64 libubus: implement file descriptor passing support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-02-18 15:03:53 +01:00
Felix Fietkau
a9ee3ef0cf libubus: pull the variable length data array out of struct ubus_msghdr to fix builds with clang
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-10-29 17:28:37 +01:00
Felix Fietkau
f72dca720b libubus: fix logic inversion for cancelling requests
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-05-30 12:39:51 +02:00
Felix Fietkau
dd3afa517d libubus: fix deadlock in recursive synchronous ubus requests
When synchronous request completion loops are running, the innermost
loop can receive events that can unblock the outer loops, however the
loop clears uloop_cancelled (which is set by the request completion).

This causes the event loop to continue running even while a completion
loop has already been unblocked.

Fix this by not clearing uloop_cancelled for inner loops

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-05-11 20:39:54 +02:00
Felix Fietkau
460301e62d libubus: fix synchronous ubus_notify without waiting for a timeout
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2013-03-17 17:55:11 +01:00
Felix Fietkau
4b9ed896cf libubus: fix uninitialized variable warning
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2012-12-15 14:11:15 +01:00
Felix Fietkau
f3fabd45a7 libubus: implement notify handling
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2012-12-15 00:37:09 +01:00
Felix Fietkau
c2158ae53c libubus: fix segfaults on request timeouts
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2012-12-15 00:35:12 +01:00
Felix Fietkau
2224658580 move ubus_start_request to libubus-req.c
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2012-12-14 19:48:26 +01:00
Felix Fietkau
2cae3fb422 libubus: refactor code, move request handling to libubus-req.c
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2012-12-14 14:13:27 +01:00