Fixed xpath crashes discovered by fuzzing

Added fuzz code for xpath Test: added negative xpath tests
2022-11-04 16:12:22 +01:00 · 2022-11-04 16:12:22 +01:00 · 779fcf5458
commit 779fcf5458
parent 05cdbf5c4f
16 changed files with 197 additions and 29 deletions
--- a/apps/netconf/netconf_main.c
+++ b/apps/netconf/netconf_main.c
@ -533,9 +533,11 @@ netconf_input_cb(int   s,
            goto done;
    if (clicon_option_exists(h, NETCONF_FRAME_SIZE) == 0)
        frame_size = 0;
-    else
-        if ((frame_size = clicon_option_int(h, NETCONF_FRAME_SIZE)) < 0)
+    else{
+        if ((ret = clicon_option_int(h, NETCONF_FRAME_SIZE)) < 0)
            goto done;
+        frame_size = (size_t)ret;
+    }
    if ((ptr = clicon_hash_value(cdat, NETCONF_HASH_BUF, &cdatlen)) != NULL){
        if (cdatlen != sizeof(cb)){
            clicon_err(OE_XML, errno, "size mismatch %lu %lu",
--- a/apps/restconf/clixon_http_data.c
+++ b/apps/restconf/clixon_http_data.c
@ -351,10 +351,11 @@ api_http_data_file(clicon_handle h,
        clicon_err(OE_UNIX, errno, "malloc");
        goto done;
    }
-    if ((sz = fread(buf, fsize, 1, f)) < 0){
+    if ((ret = fread(buf, fsize, 1, f)) < 0){
        clicon_err(OE_UNIX, errno, "fread");
        goto done;
    }
+    sz = (size_t)ret;
    if (sz != 1){
        clicon_debug(1, "%s Error fread(%s) sz:%zu", __FUNCTION__, filename, sz);
        if (api_http_data_err(h, req, 500) < 0) /* Internal error? */