Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 3311eea1 authored by David 'Digit' Turner's avatar David 'Digit' Turner
Browse files

libsysutils: Fix NetLinkEvent security issues. 

The issues were the following:
- The code in decode() didn't handle the degenerate case where the input buffer is full of '@'
- The code in decode() assumed the input buffer is properly zero-terminated.
- The code in decode() would not check that it doesn't overwrite the mParams[] array.
- The code in findParam() would check mParams[i] before checking the value of 'i'

Also remove un-necessary calls to strlen() at runtime.

Change-Id: I8acead959bd10d97c5380b08958fcb796248a010
parent a42f152b
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment