summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorEric Leblond <eric@regit.org>2017-07-11 00:32:55 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2017-07-17 17:20:34 +0200
commit30821c4d81ee3bd430030f69e9a838b8b4e8244d (patch)
tree9386af8873cb8bab4dcc331405e1398851915274 /src
parent4223878982af3efd924691bb9721cdf32862d0b7 (diff)
cli: fix heap buffer overflow
This patch fixes an invalid read when an empty command was sent. Found via nft running ASAN and entering an empty command: nft> ================================================================= ==19540==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000008c6f at pc 0x55e3b561704d bp 0x7fffe9a33ac0 sp 0x7fffe9a33ab8 READ of size 1 at 0x602000008c6f thread T0 #0 0x55e3b561704c in cli_append_multiline /home/eric/git/netfilter/nftables/src/cli.c:65 #1 0x55e3b561725b in cli_complete /home/eric/git/netfilter/nftables/src/cli.c:109 #2 0x7f6e0c2ccac2 in rl_callback_read_char (/lib/x86_64-linux-gnu/libreadline.so.7+0x2fac2) #3 0x55e3b5617ba6 in cli_init /home/eric/git/netfilter/nftables/src/cli.c:199 #4 0x55e3b5573b75 in main /home/eric/git/netfilter/nftables/src/main.c:381 #5 0x7f6e0bc9b2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0) #6 0x55e3b55725a9 in _start (/usr/local/sbin/nft+0x445a9) Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/cli.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/cli.c b/src/cli.c
index c1fdcf6c..abb6bf3c 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -61,6 +61,10 @@ static char *cli_append_multiline(char *line)
}
len = strlen(line);
+
+ if (len == 0)
+ return NULL;
+
if (line[len - 1] == '\\') {
line[len - 1] = '\0';
len--;