christos 11ce78e57f The length of the received Commit and Confirm message payloads was not
checked before reading them. This could result in a buffer read
overflow when processing an invalid message.

Fix this by verifying that the payload is of expected length before
processing it. In addition, enforce correct state transition sequence to
make sure there is no unexpected behavior if receiving a Commit/Confirm
message before the previous exchanges have been completed.

Thanks to Kostya Kortchinsky of Google security team for discovering and
reporting this issue.

XXX: pullup-7
2015-05-09 19:46:01 +00:00
bin CID 1225078: check getrlimit return 2015-05-09 13:28:55 +00:00
common - new test for strtoi 2015-05-01 14:17:56 +00:00
compat Add RISC-V support 2014-09-19 17:38:46 +00:00
crypto Fix typos 2015-04-28 09:48:30 +00:00
dist/pf Merge riastradh-drm2 to HEAD. 2014-03-18 18:20:35 +00:00
distrib This product includes software developed by Yasushi Yamasaki. 2015-05-09 17:49:33 +00:00
doc Remove mips-kern-ksyms-size, now that it is already gone 2015-05-08 09:44:45 +00:00
etc Build ERLITE and INSTALL_ERLITE if mips64eb 2015-05-01 23:55:14 +00:00
external The length of the received Commit and Confirm message payloads was not 2015-05-09 19:46:01 +00:00
extsrc
games PR/49850: Nikolai Lifanov: Document acronyms-o 2015-04-22 15:04:57 +00:00
gnu CID 1225079: check getrlimit return 2015-05-09 13:32:30 +00:00
include add a macro to check overlapping pointers 2015-05-09 15:41:47 +00:00
lib Update HISTORY from OpenBSD: strerror from 4.3 Reno, perror from v4. 2015-05-09 19:01:53 +00:00
libexec Bump date for previous. 2015-05-05 08:08:33 +00:00
regress moved to tests/net/in_cksum. 2015-01-05 22:39:29 +00:00
rescue Remove rtsol(8) and rtsold(8) as their functionality is in dhcpcd(8). 2014-09-11 13:10:03 +00:00
sbin Use _PATH_WATCHDOG from <paths.h> instead of locally-defined value. 2015-05-06 23:08:30 +00:00
share ICYMI 2015-05-09 18:18:32 +00:00
sys Jetson TK1: USB1 VBUS power is controlled by GPIO N4 2015-05-09 18:57:30 +00:00
tests Use correct variable name when printing the error code. 2015-05-07 06:23:23 +00:00
tools misc/48722: Use explicit HOST_SH in case the user insists on removing 2015-03-05 10:22:25 +00:00
usr.bin Also check the other emitted getrlimit call for failure. 2015-05-09 18:48:14 +00:00
usr.sbin perror -> warn 2015-05-09 18:32:04 +00:00
x11 Use ${TOOL_GZIP_N} instead of ${TOOL_GZIP} -n, and similarly 2014-08-05 15:40:58 +00:00
BUILDING regen 2015-04-08 05:48:24 +00:00
Makefile PR 49870: pass the xsrc path to postinstall 2015-05-03 15:13:13 +00:00
Makefile.inc
UPDATING mention yacc requirement for acpica 2015-04-14 14:18:59 +00:00
build.sh Fix typo in usage. From Christopher M. Fuhrman in PR 49882. 2015-05-06 17:31:49 +00:00