matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
8e590da563
sonic-buildimage/src
History
Ying Xie 1ac140a945
[dhcp6relay] a couple memory access protections (#9851) 
Why I did it
the strcpy and buffer allocation is not safe, it corrupts 1 byte on the stack. Depending on the memory layout, it may or may not cause issue immediately.
message type is not validated before updating the counter. Which could cause segment fault.

How I did it
Remove the unsafe strcpy, use config->interface.c_str() instead.
Check message type before updating counters.

How to verify it
The issue (1) caused segment fault on a specific platform. The fix was validated there. Issue (2) was precautionary. Added log in case it triggers.
2022-01-26 09:58:52 -08:00
..
bash [Bash] Fix bash build break when re-build bash issue. (#9027) 2021-10-22 10:29:12 +08:00
dhcp6relay [dhcp6relay] a couple memory access protections (#9851) 2022-01-26 09:58:52 -08:00
dhcpmon [docker-dhcprelay]: Update to Bullseye (#9736) 2022-01-18 15:11:36 -08:00
ethtool [arm] support compile sonic arm image on arm server (#7285) 2021-04-18 08:17:57 -07:00
flashrom Flashrom refactoring for broadcom platforms (#7693) 2021-06-22 15:29:21 -07:00
gobgp Update go version to 1.11.2 for gobgp and telemetry (#2230) 2018-11-09 21:56:39 -08:00
hiredis [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
iccpd MCLAG enhacements ICCPd initial code commit (#4819) 2021-08-03 17:32:50 -07:00
ifupdown2 ifupdown2: Don't check for new IP addresses if dhcp-wait is set to no (#8535) 2021-08-20 20:28:35 -07:00
initramfs-tools Update initramfs-tools from 0.133 to 0.140 2021-11-10 15:27:22 -08:00
iproute2 [iproute2]: Add macsec-xpn-support iproute2 in syncd (#8702) 2021-11-25 21:38:17 +08:00
iptables Ported iptables patch to 5.10 kernel (#4) 2021-11-10 15:27:22 -08:00
isc-dhcp [docker-dhcprelay]: Update to Bullseye (#9736) 2022-01-18 15:11:36 -08:00
ixgbe Reorganize .gitignore files (#4707) 2020-06-09 21:04:55 -07:00
kdump-tools Update kdump-tools for bullseye 2021-11-10 15:27:22 -08:00
libnl3 [MPLS][libnl3] libnl patches for supporting MPLS 2021-06-16 15:08:23 -07:00
libteam [libteam][warm-reboot] fix issue in teamd warm-reboot that teamd starts (#8227) 2021-08-16 02:54:09 -07:00
libyang Python 2 removal/cleanup 2021-11-10 15:27:22 -08:00
libyang1 [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
linkmgrd@0c23756cd6 [sonic-linkmgrd][master] submodule update #9808 2022-01-20 17:45:55 -08:00
lldpd [LLDPD] fix to port remove and immediately create problem (#9519) 2021-12-15 13:06:40 -08:00
lm-sensors [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
monit Update monit build for Bullseye 2021-11-10 15:27:22 -08:00
mpdecimal [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
ntp Upgrade to ntp 4.2.8p15 for Bullseye 2021-11-10 15:27:22 -08:00
openssh openssh: Upgrade from 7.9 to 8.4, to match version in Bullseye 2021-11-10 15:27:22 -08:00
ptf@36a3e3d9ac [docker-sonic-mgmt] install ptf framework in mgmt container and upgrade ptf (#3239) 2019-07-30 10:19:48 -07:00
radius [radius]: RADIUS Management User Authentication (#7551) 2021-06-14 07:57:01 -07:00
redis [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
redis-dump-load@7585497951 [redis-dump-load] Update submodule (#5215) 2020-08-19 11:23:42 -07:00
redis-dump-load.patch [build] Use pip to install setup.py dependency instead of python setup.py install (#8997) 2021-10-26 21:12:45 -07:00
sflow [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
smartmontools [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
snmpd Update snmpd to 5.9, as part of the Bullseye upgrade 2021-11-10 15:27:22 -08:00
socat Create docker-base-bullseye and docker-config-engine-bullseye (#9666) 2022-01-11 09:23:42 -08:00
sonic-bgpcfgd [bgp] Enable BGP Graceful Restart based on device role (#9486) 2021-12-13 10:14:50 -08:00
sonic-build-hooks [build] docker-sonic-mgmt replace USER by whoami (#9702) 2022-01-11 16:48:04 +08:00
sonic-config-engine [sonic-cfggen]: Feature should use 'state' to replace 'status' (#9796) 2022-01-20 08:51:56 +08:00
sonic-ctrmgrd [k8s]: disable http_proxy for docker by default (#8328) 2021-08-04 00:30:43 -07:00
sonic-dbsyncd@df46ed418e [submodule update] sonic-db-syncd (#7225) 2021-04-03 07:36:11 -07:00
sonic-device-data [ragile] support 32c and 4s platform (#8824) 2021-11-17 23:49:06 -08:00
sonic-frr Fix IPv4 routes with IPv6 link local next hops installed in FPM (#8740) 2022-01-17 19:40:50 -08:00
sonic-frr-mgmt-framework [frrcfgd][bgpcfgd] Add portchannel support (#8911) 2021-10-12 18:54:37 -07:00
sonic-host-services Showtech sonic mgmt framework: Add Management Framework functionality for "show tech-support" (#7816) 2022-01-10 14:36:34 -08:00
sonic-host-services-data Revert "sysready (#8889)" 2021-11-10 15:36:20 -08:00
sonic-linux-kernel@6aa8d00afd [submodule]: update sonic-linux-kernel (#9254) 2021-11-14 12:01:39 -08:00
sonic-mgmt-common@d43a607d75 [submodule]: update sonic-mgmt-common (#9785) 2022-01-18 21:05:46 +08:00
sonic-mgmt-framework@3c3384cec8 Mgmt reorg -- submodule and build rules for sonic-mgmt-common (#4765) 2020-06-22 16:01:55 -07:00
sonic-p4rt [PINS] Build P4RT container for PINS (#9083) 2021-12-07 11:11:25 -08:00
sonic-platform-common@ee122155e0 [Submodule] sonic-platform-common submodule update (#9753) 2022-01-15 10:43:25 +05:30
sonic-platform-daemons@94fa239a7b [y_cable] Support for initialization of new daemon ycable to support ycables (#9125) 2022-01-25 11:10:25 -08:00
sonic-platform-pde@f18ebc297d [PDE]: introduce the SONiC Platform Development Env (#7510) 2021-07-24 16:24:43 -07:00
sonic-py-common Cache connection handles to prevent duplicate (#9636) 2022-01-07 12:58:01 -08:00
sonic-py-swsssdk@2cd6236849 [sonic-py-swsssdk]: submodule update (#8757) 2021-09-15 14:00:43 -07:00
sonic-restapi@94805a39ac [RESTAPI] Update submodule (#9547) 2021-12-17 09:21:32 -08:00
sonic-sairedis@d5866a3dcc [submodule update] sonic-sairedis (#9750) 2022-01-13 08:17:39 -08:00
sonic-snmpagent@a07da53618 [submodule] Update snmpagent (#9102) 2021-11-08 09:55:24 -08:00
sonic-swss@6cb43ee25c [swss] Update submodule (#9816) 2022-01-21 12:07:40 -08:00
sonic-swss-common@405f1df3d4 [sonic-swss-common]: Submodule update (#9395) 2021-12-01 10:14:13 -08:00
sonic-telemetry@0443e66050 [submodule]: update telemetry submodule (#8282) 2021-07-29 16:53:41 -07:00
sonic-utilities@d9f3afe5b3 [submodule] Update sonic-utilities submodule (#9687) 2022-01-18 20:22:44 -08:00
sonic-yang-mgmt [DPB] Fix verbose mode issue (#9772) 2022-01-19 11:29:11 +05:30
sonic-yang-models [yang]: Update yang models to support 'cluster' (#9806) 2022-01-26 13:02:47 +08:00
sonic-ztp@f7dd3c54ec [sonic-ztp] Submodule update (#9589) 2022-01-02 17:56:14 +02:00
swig [build]: fix dpkg admindir corruption issue in parallel build (#6408) 2021-01-12 06:03:12 -08:00
system-health [system-health] No longer check critical process/service status via monit (#9068) 2021-11-23 15:47:48 -08:00
systemd-sonic-generator [build]: marvell-armhf bullseye fixes (#9243) 2021-11-13 10:48:58 -08:00
tacacs [TACACS] fix src\tacacs\bash_tacplus\debian\rules file mode to 755 because it will be change to 755 by debian build and cause dirty image version. (#9821) 2022-01-21 22:28:31 +08:00
thrift Fix CVE-2017-1000487 security alert (#7173) 2021-03-31 22:45:06 -07:00
thrift_0_13_0 Add thrift 0.13.0 (#8307) 2021-09-01 06:10:14 -07:00
wpasupplicant [submodule]: update sonic-wpa-supplicant (#9388) 2022-01-12 20:27:02 -08:00