artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7c601e6) | patch
Fix CVE-2023-24056, unbounded variable expansion in pkg-config.
authormillert <millert@openbsd.org>
Wed, 25 Jan 2023 19:06:50 +0000 (19:06 +0000)
committermillert <millert@openbsd.org>
Wed, 25 Jan 2023 19:06:50 +0000 (19:06 +0000)
commit99a8c03ea500ea834cd0ac62431ef4196ce6a0f2
treec78e2cae7a8c8eb48fd5042d89264a2a42fcc1e8tree | snapshot
parent7c601e62aaac9d63b4ccf68f98d354af760b41a9commit | diff
Fix CVE-2023-24056, unbounded variable expansion in pkg-config.
We now die with an error when trying to expand a variable that is
already longer than 64K.  This was never a buffer overflow in our
pkg-config, but rather an unbounded memory allocation that would
eventually run up against resource limits.  OK sthen@ jasper@
usr.bin/pkg-config/OpenBSD/PkgConfig.pm diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim