Browse Source

Add API for freeing pushover messages

To prevent UAF bugs, use double indirection to set the pointer to NULL
if the message was dynamically allocated.

In order to know whether to free the pushover_message_t object itself,
add a 64-bit wide flags member to the object.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
master
Shawn Webb 4 months ago
parent
commit
1a11acdda6
Signed by: shawn.webb <shawn.webb@hardenedbsd.org> GPG Key ID: FF2E67A277F8E1FA
2 changed files with 34 additions and 3 deletions
  1. +29
    -3
      lib/libpushover/libpushover.c
  2. +5
    -0
      lib/libpushover/libpushover.h

+ 29
- 3
lib/libpushover/libpushover.c View File

@@ -85,12 +85,16 @@ EXPORTED_SYM
pushover_message_t *
pushover_init_message(pushover_message_t *msg)
{
/* XXX determine free-ability */
uint64_t flags;

if (msg == NULL)
flags = 0;

if (msg == NULL) {
msg = calloc(1, sizeof(*msg));
else
flags |= PUSHOVER_FLAGS_ALLOC;
} else {
memset(msg, 0, sizeof(*msg));
}

if (msg == NULL)
return (NULL);
@@ -98,6 +102,28 @@ pushover_init_message(pushover_message_t *msg)
return (msg);
}

EXPORTED_SYM
void
pushover_free_message(pushover_message_t **msg)
{
pushover_message_t *msgp;

if (msg == NULL || *msg == NULL)
return;

msgp = *msg;

free(msgp->psh_user);
free(msgp->psh_msg);
free(msgp->psh_title);
free(msgp->psh_device);

if (msgp->psh_flags & PUSHOVER_FLAGS_ALLOC) {
free(msgp);
*msg = NULL;
}
}

EXPORTED_SYM
bool
pushover_message_set_msg(pushover_message_t *msg, char *data)


+ 5
- 0
lib/libpushover/libpushover.h View File

@@ -8,6 +8,9 @@
#define EXPORTED_SYM __attribute__((visibility("default")))
#define PUSHOVER_URI "https://api.pushover.net/1/messages.json"

#define PUSHOVER_FLAGS_NONE 0
#define PUSHOVER_FLAGS_ALLOC 1

typedef enum _pushover_priority {
PSH_PRIO_NONE = -2,
PSH_PRIO_QUIET = -1,
@@ -27,12 +30,14 @@ typedef struct _pushover_message {
char *psh_title;
char *psh_device;
pushover_priority_t psh_priority;
uint64_t psh_flags;
} pushover_message_t;

pushover_ctx_t *pushover_init_ctx(const char *);
bool pushover_set_uri(pushover_ctx_t *, const char *);
bool pushover_set_token(pushover_ctx_t *, const char *);
pushover_message_t *pushover_init_message(pushover_message_t *);
void pushover_free_message(pushover_message_t **);
bool pushover_message_set_msg(pushover_message_t *, char *);
bool pushover_message_set_user(pushover_message_t *, char *);
bool pushover_message_set_title(pushover_message_t *, char *);


Loading…
Cancel
Save