git.ipfire.org Git - thirdparty/openwrt.git/commit

author	Paul Donald <newtwen+github@gmail.com>
	Thu, 5 Mar 2026 21:11:13 +0000 (22:11 +0100)
committer	Hauke Mehrtens <hauke@hauke-m.de>
	Sun, 8 Mar 2026 14:48:35 +0000 (15:48 +0100)
commit	3c1460a5a2777e81df0eabf0796b1fc748fb4910
tree	f182c9983e39c0e58458dd1be145f2889635470d	tree \| snapshot
parent	2c68f7b70b25be7279546a7de1856485aa99a03e	commit \| diff

ppp: add memmove fortify and remove MRU patch

memcpy() with overlapping src and dest buffers is an undefined behavior
in C. In the current code, a ConfRej response is generated by copying
input data in-place, where the dest address is lower than the src.
This happens to work in practice because memcpy() forward-copies data,
matching the behavior of memmove() in this case.

However, if FORTIFY_SOURCE or Address Sanitizer is enabled, memcpy()
will detect the overlap at run time and abort the program.

Replace the memcpy() with memmove() to ensure a well-defined behavior.

Reported-by: Filippo Carletti <filippo.carletti@gmail.com>
MRU patch https://github.com/ppp-project/ppp/pull/573

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22286
(cherry picked from commit 1e9da9798ac2a617f9bdd9b11b1582a86133f9e8)
Link: https://github.com/openwrt/openwrt/pull/22318
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

package/network/services/ppp/Makefile		diff \| blob \| blame \| history
package/network/services/ppp/patches/501-fix-memcpy-fortify.patch	[new file with mode: 0644]	blob
package/network/services/ppp/patches/502-remove_mru.patch	[new file with mode: 0644]	blob