projects / oweals / ubus.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix blob parsing vulnerability by using blob_parse_untrusted
[oweals/ubus.git] / cli.c
diff --git a/cli.c b/cli.c
index 421f244ad9dcf383253e21d602b5eb79eb85f8fd..f566279b4f6d1b54de85985518365167731cba13 100644 (file)
--- a/cli.c
+++ b/cli.c
@@ -472,7 +472,7 @@ ubus_cli_monitor_cb(struct ubus_context *ctx, uint32_t seq, struct blob_attr *ms
        bool send;
        char *data;
 
-       blob_parse(msg, tb, policy, UBUS_MONITOR_MAX);
+       blob_parse_untrusted(msg, blob_raw_len(msg), tb, policy, UBUS_MONITOR_MAX);
 
        if (!tb[UBUS_MONITOR_CLIENT] ||
            !tb[UBUS_MONITOR_PEER] ||
Unnamed repository; edit this file 'description' to name the repository.