From cc0a54e3326d6329d85106d93d4083df380dac09 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Tue, 21 Jan 2020 23:58:30 +0100 Subject: libubox: backport security patches This backports some security relevant patches from libubox master. These patches should not change the existing API and ABI so that old applications still work like before without any recompilation. Application can now also use more secure APIs. The new more secure interfaces are also available, but not used. OpenWrt master and 19.07 already have these patches by using a more recent libubox version. Signed-off-by: Hauke Mehrtens --- ...0014-blobmsg_json-fix-int16-serialization.patch | 41 ++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 package/libs/libubox/patches/0014-blobmsg_json-fix-int16-serialization.patch (limited to 'package/libs/libubox/patches/0014-blobmsg_json-fix-int16-serialization.patch') diff --git a/package/libs/libubox/patches/0014-blobmsg_json-fix-int16-serialization.patch b/package/libs/libubox/patches/0014-blobmsg_json-fix-int16-serialization.patch new file mode 100644 index 0000000000..a79ce4adbc --- /dev/null +++ b/package/libs/libubox/patches/0014-blobmsg_json-fix-int16-serialization.patch @@ -0,0 +1,41 @@ +From 1cc755d7c3989b399bf0c60535a858d22819ca27 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20=C5=A0tetiar?= +Date: Sun, 12 Jan 2020 22:40:18 +0100 +Subject: blobmsg_json: fix int16 serialization +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +int16 blobmsg type is currently being serialized as uint16_t due to +missing cast during JSON output. + +Following blobmsg content: + + bar-min: -32768 (i16) + bar-max: 32767 (i16) + +Produces following JSON: + + { "bar-min":32768,"bar-max":32767 } + +Whereas one would expect: + + { "bar-min":-32768,"bar-max":32767 } + +Reviewed-by: Jo-Philipp Wich +Signed-off-by: Petr Štetiar +--- + blobmsg_json.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/blobmsg_json.c ++++ b/blobmsg_json.c +@@ -250,7 +250,7 @@ static void blobmsg_format_element(struc + sprintf(buf, "%s", *(uint8_t *)data ? "true" : "false"); + break; + case BLOBMSG_TYPE_INT16: +- sprintf(buf, "%d", be16_to_cpu(*(uint16_t *)data)); ++ sprintf(buf, "%d", (int16_t) be16_to_cpu(*(uint16_t *)data)); + break; + case BLOBMSG_TYPE_INT32: + sprintf(buf, "%d", (int32_t) be32_to_cpu(*(uint32_t *)data)); -- cgit v1.2.3