network: fix potential use-after-free

author Felix Fietkau <nbd@nbd.name>

Tue, 16 Aug 2022 18:30:49 +0000 (20:30 +0200)

committer Felix Fietkau <nbd@nbd.name>

Tue, 23 Aug 2022 21:20:25 +0000 (23:20 +0200)
author Felix Fietkau <nbd@nbd.name>
Tue, 16 Aug 2022 18:30:49 +0000 (20:30 +0200)
committer Felix Fietkau <nbd@nbd.name>
Tue, 23 Aug 2022 21:20:25 +0000 (23:20 +0200)
diff --git a/auth-data.c b/auth-data.c

index 3d6621304705e880e972455da12a4cd2d5cef4c8..cd07958c456bfcd193b4aa5a7fbf599877048923 100644 (file)
--- a/auth-data.c
+++ b/auth-data.c
@@ -31,7 +31,7 @@ int unet_auth_data_validate(const uint8_t *key, const void *buf, size_t len,
         if (!edsign_verify(&vst, hdr->signature, data->pubkey))
                 return -3;
  
-       if (*(char *)(data + len - 1) != 0)
+       if (((char *)data)[len - 1] != 0)
                 return -2;
  
         if (timestamp)
diff --git a/network.c b/network.c

index 15429ad0591228c8ea8059ed72cf33475af22f22..60426520f7cc4a922acaead2ab19ed8c977caf17 100644 (file)
--- a/network.c
+++ b/network.c
@@ -436,6 +436,7 @@ static int network_setup(struct network *net)
  
  static void network_teardown(struct network *net)
  {
+       uloop_timeout_cancel(&net->connect_timer);
         uloop_timeout_cancel(&net->reload_timer);
         network_do_update(net, false);
         network_pex_close(net);
author	Felix Fietkau <nbd@nbd.name>
	Tue, 16 Aug 2022 18:30:49 +0000 (20:30 +0200)
committer	Felix Fietkau <nbd@nbd.name>
	Tue, 23 Aug 2022 21:20:25 +0000 (23:20 +0200)
auth-data.c		patch \| blob \| history
network.c		patch \| blob \| history