0572f01117
Per https://discourse.gnome.org/t/port-your-module-from-g-memdup-to-g-memdup2-now/5538 The old API took the size of the memory to duplicate as a guint, whereas most memory functions take memory sizes as a gsize. This made it easy to accidentally pass a gsize to g_memdup(). For large values, that would lead to a silent truncation of the size from 64 to 32 bits, and result in a heap area being returned which is significantly smaller than what the caller expects. This can likely be exploited in various modules to cause a heap buffer overflow. Replace g_memdup() by the safer g_memdup2() wrapper. Trivially safe because the argument was directly from sizeof. Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210903174510.751630-12-philmd@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> |
||
---|---|---|
.. | ||
hppa_hardware.h | ||
Kconfig | ||
machine.c | ||
meson.build | ||
trace.h |