diff options
author | Erik Kline <ek@google.com> | 2014-11-15 04:24:40 +0900 |
---|---|---|
committer | Natalie Silvanovich <natashenka@google.com> | 2015-03-06 15:33:36 -0800 |
commit | 73c09dd8067250734511d955d8f792b41c7213f0 (patch) | |
tree | 5cc48473d65059c53a1262f271d626541aea850e /Android.mk | |
parent | b82be17488382132602e33e1a64829e7e5358f0f (diff) | |
download | android_external_dhcpcd-73c09dd8067250734511d955d8f792b41c7213f0.tar.gz android_external_dhcpcd-73c09dd8067250734511d955d8f792b41c7213f0.tar.bz2 android_external_dhcpcd-73c09dd8067250734511d955d8f792b41c7213f0.zip |
Fun with buffer overrruns.
In get_option(): don't read past the end of the option buffer.
Also add a small unittest to verify sane behaviour for the above.
The dhcpcd code is not easily refactored into a library, nor is it
entirely possible to include some header files directly since some
structures use C++ reserved keywords ("new") for variable names.
In print_option(): use of snprintf() returns the length that
/would/ have been written. Add checks that the output buffer
is not overrun when printing.
This fixes CVE-2014-7912 and CVE-2014-7913
Bug: 18356137
Bug: 18356135
Change-Id: I0f907b8a952208749226ba034a416d773e068f8a
Diffstat (limited to 'Android.mk')
-rw-r--r-- | Android.mk | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -51,3 +51,11 @@ LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_PATH := $(hooks_target) LOCAL_SRC_FILES := $(hooks_dir)/$(LOCAL_MODULE) include $(BUILD_PREBUILT) + +# Unit tests. +include $(CLEAR_VARS) +LOCAL_MODULE := dhcpcd_test +LOCAL_CFLAGS := -Wall -Werror -Wunused-parameter +LOCAL_SRC_FILES := dhcpcd_test.cpp dhcp.c common.c +LOCAL_MODULE_TAGS := eng tests +include $(BUILD_NATIVE_TEST) |