Fix oss-fuzz 67175, 67180, 67191

ralight · ralight · commit 9f7b23ca7270 · 2024-03-04T14:24:55.000Z
Embedded 0 characters in a file would prevent the loading of that file.

This could not happen apart from corruption of the file, or by
deliberate manipulation by the admin. Minimal impact.
diff --git a/apps/mosquitto_passwd/Makefile b/apps/mosquitto_passwd/Makefile
@@ -17,7 +17,8 @@ OBJS_EXTERNAL= \
 	memory_mosq.o \
 	memory_public.o \
 	misc_mosq.o \
-	password_mosq.o
+	password_mosq.o \
+	utf8_mosq.o
 
 
 ifeq ($(WITH_TLS),yes)
@@ -54,6 +55,9 @@ misc_mosq.o : ${R}/common/misc_mosq.c ${R}/common/misc_mosq.h
 password_mosq.o : ${R}/common/password_mosq.c ${R}/common/password_mosq.h
 	${CROSS_COMPILE}${CC} ${LOCAL_CPPFLAGS} $(LOCAL_CFLAGS) -c $< -o $@
 
+utf8_mosq.o : ${R}/common/utf8_mosq.c
+	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
+
 install : all
 ifeq ($(WITH_TLS),yes)
 	$(INSTALL) -d "${DESTDIR}$(prefix)/bin"
diff --git a/common/misc_mosq.c b/common/misc_mosq.c
@@ -284,6 +284,11 @@ char *fgets_extending(char **buf, int *buflen, FILE *stream)
 		if(endchar == '\n'){
 			return rc;
 		}
+		if((int)(len+1) < *buflen){
+			/* Embedded nulls, invalid string */
+			return NULL;
+		}
+
 		/* No EOL char found, so extend buffer */
 		offset = (*buflen)-1;
 		*buflen += 1000;
diff --git a/common/utf8_mosq.c b/common/utf8_mosq.c
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
@@ -50,7 +50,7 @@ set(C_SRC
 	thread_mosq.c
 	../common/time_mosq.c ../common/time_mosq.h
 	tls_mosq.c
-	utf8_mosq.c
+	../common/utf8_mosq.c
 	util_mosq.c util_topic.c util_mosq.h
 	will_mosq.c will_mosq.h)
 
diff --git a/lib/Makefile b/lib/Makefile
@@ -81,7 +81,6 @@ OBJS= \
 	strings_mosq.o \
 	thread_mosq.o \
 	tls_mosq.o \
-	utf8_mosq.o \
 	util_mosq.o \
 	util_topic.o \
 	will_mosq.o
@@ -90,7 +89,8 @@ OBJS_EXTERNAL= \
 	base64_mosq.o \
 	misc_mosq.o \
 	password_mosq.o \
-	time_mosq.o
+	time_mosq.o \
+	utf8_mosq.o
 
 ifeq ($(WITH_WEBSOCKETS),yes)
 	OBJS_EXTERNAL+=${R}/deps/picohttpparser/picohttpparser.o
@@ -160,5 +160,8 @@ password_mosq.o : ${R}/common/password_mosq.c net_mosq.h
 time_mosq.o : ${R}/common/time_mosq.c ${R}/common/time_mosq.h
 	${CROSS_COMPILE}$(CC) $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
 
+utf8_mosq.o : ${R}/common/utf8_mosq.c
+	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
+
 ${R}/deps/picohttpparser/picohttpparser.o : ${R}/deps/picohttpparser/picohttpparser.c
 	${CROSS_COMPILE}$(CC) $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -77,7 +77,7 @@ set (MOSQ_SRCS
 	../lib/tls_mosq.c
 	topic_tok.c
 	../lib/util_mosq.c ../lib/util_topic.c ../lib/util_mosq.h
-	../lib/utf8_mosq.c
+	../common/utf8_mosq.c
 	websockets.c
 	will_delay.c
 	../lib/will_mosq.c ../lib/will_mosq.h
diff --git a/src/Makefile b/src/Makefile
@@ -247,7 +247,7 @@ util_mosq.o : ${R}/lib/util_mosq.c ${R}/lib/util_mosq.h
 util_topic.o : ${R}/lib/util_topic.c ${R}/lib/util_mosq.h
 	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
 
-utf8_mosq.o : ${R}/lib/utf8_mosq.c
+utf8_mosq.o : ${R}/common/utf8_mosq.c
 	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(LOCAL_CFLAGS) -c $< -o $@
 
 will_mosq.o : ${R}/lib/will_mosq.c ${R}/lib/will_mosq.h
diff --git a/test/unit/broker/Makefile b/test/unit/broker/Makefile
@@ -177,7 +177,7 @@ ${R}/src/util_mosq.o : ${R}/lib/util_mosq.c
 ${R}/src/util_topic.o : ${R}/lib/util_topic.c
 	$(MAKE) -C ${R}/src/ util_topic.o
 
-${R}/src/utf8_mosq.o : ${R}/lib/utf8_mosq.c
+${R}/src/utf8_mosq.o : ${R}/common/utf8_mosq.c
 	$(MAKE) -C ${R}/src/ utf8_mosq.o
 
 build : bridge_topic_test keepalive_test persist_read_test persist_write_test subs_test
diff --git a/test/unit/lib/Makefile b/test/unit/lib/Makefile
@@ -76,7 +76,7 @@ ${R}/lib/util_mosq.o : ${R}/lib/util_mosq.c
 ${R}/lib/util_topic.o : ${R}/lib/util_topic.c
 	$(MAKE) -C ${R}/lib/ util_topic.o
 
-${R}/lib/utf8_mosq.o : ${R}/lib/utf8_mosq.c
+${R}/lib/utf8_mosq.o : ${R}/common/utf8_mosq.c
 	$(MAKE) -C ${R}/lib/ utf8_mosq.o
 
 build : lib_test
