opkg: fix use-after-free with duplicate packages on the command line
When the same package file is specified multiple times on the opkg install command line, the name pointer in the argv array becomes stale after the package structures have been merged, leading to invalid memory accesses upon install.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

v19.07.3_mercusys_ac12_duma
parent
b9466382b5
commit
4c60a6f803
@ -0,0 +1,11 @@
|
||||
--- a/libopkg/opkg_download.c
|
||||
+++ b/libopkg/opkg_download.c
|
||||
@@ -335,7 +335,7 @@ opkg_prepare_url_for_install(const char
|
||||
hash_insert_pkg(pkg, 1);
|
||||
|
||||
if (namep) {
|
||||
- *namep = pkg->name;
|
||||
+ *namep = xstrdup(pkg->name);
|
||||
}
|
||||
return 0;
|
||||
}
|
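Review bot: The `xstrdup(pkg->name)` copy stored through `namep` has no visible owner. The slot used to hold a borrowed pointer and now holds a heap string that nothing in the hunk frees, so the caller's argument array presumably ends up mixing allocated and non-allocated entries. A comment on the assignment would record the intent, e.g. `/* caller owns this copy; pkg->name can go stale once packages are merged */`. The copy is also taken after `hash_insert_pkg(pkg, 1)`: if that call is where the merge named in the commit message can release `pkg` (not visible here), the read of `pkg->name` would still touch stale memory, and taking the copy before the insert would remove that dependency. The function begins outside the hunk, so any other writes to `*namep` could not be checked.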