cgi, file: fix crash due to field_len type mismatch with libubox

[AndyChiang888]

In libubox commit openwrt/libubox@9b48801, the type of alloc_len in calloc_a was changed to size_t.

Since uhttpd still defined field_len as returning int, this type mismatch caused uhttpd to crash. So change field_len type to size_t and add NULL check.

Fixes: openwrt/luci#8629
Fixes: openwrt/libubox#45

[danpawlik]

Thank you for this patch. Works well with luci statistics.

[jow-]

That actually means that libubox broke ABI, this should not have slipped through without changing the ABI version of libubox.

Edit: or maybe not, seems libubox calloc_a() always expected size_t sized variable arguments after the pointer addresses and your commit to uhttpd ensures that on platforms where sizeof(size_t) != sizeof(int). One of these things where one wonders how it could possibly work before.

[lorand-horvath]

@aparcar @jow- @hauke Could you please merge this?

[hauke]

The AI found some more places with the same problem. Felix already fixed some and I also have PRs to OpenWrt for some:
have a complete picture. Here's the audit.

libubox itself
json_script.c:47 — name_len is int (json_script.c:42)
udebug-remote.c:240 — data_size is uint32_t (udebug-remote.c:213). (The companion ptr_size * sizeof(*ptr_buf) is rescued by sizeof promoting the product to size_t.)

ubus
ubusd_acl.c:336 — len + 1 where len is int (ubusd_acl.c:326)

uclient
uclient.c:65 — host_len + 1 where host_len is int (function param)
uclient.c:152-155 — host_len, port_len, uri_len, auth_len all int (uclient.c:138-141)

mdnsd
service.c:265 — txt_len is int (service.c:244)
service.c:261 — n + 1 where n is unsigned int (service.c:245) — still 32-bit on LP64
cache.c:369-370 — tlen and dlen both int (cache.c:264)

rpcd
session.c:442 — id_len + 1 where id_len is int (session.c:411; uh_id_len() returns int)

unetd
host.c:173-174 — ipaddr_len, subnet_len are int
host.c:189-191 — ipaddr_len, subnet_len, meta_len all int (host.c:124)

procd
service/watch.c:72 — len + 1 where len is int (watch.c:70)

uhttpd
file.c — already fixed by PR #24 (field_len widened to size_t)

[lorand-horvath]

If AI made the type change in libubox in the first place openwrt/libubox@9b48801 , how come it didn't realize the large number of locations it broke code depending on this? It's very strange working like this... backwards.