[Bug 225706] www/uwsgi: Fix potential stack overflow in uwsgi_expand_path()

Tue Feb 6 18:36:18 UTC 2018

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225706

            Bug ID: 225706
           Summary: www/uwsgi: Fix potential stack overflow in
                    uwsgi_expand_path()
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97
                    a4eef7a3cdcbd85a71247bfe
                OS: Any
            Status: New
          Keywords: patch, security
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: vlad-fbsd at acheronmedia.com
                CC: eugene at zhegan.in, ports-secteam at FreeBSD.org
 Attachment #190363 maintainer-approval?(eugene at zhegan.in)
             Flags:
                CC: eugene at zhegan.in
             Flags: maintainer-feedback?(eugene at zhegan.in),
                    merge-quarterly?

Created attachment 190363
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=190363&action=edit
Fix potential stack overflow in uwsgi_expand_path()

A stack overflow situation has been found and fixed in uwsgi with the following
commit:

https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe

Attached is the ported patch. Builds with Poudriere 11.1 amd64, run-time tested
in production.

New release of uwsgi (2.0.16) is pending any day now, which will probably
include this, but I've filed this PR anyway for your consideration to include
it earlier.

-- 
You are receiving this mail because:
You are the assignee for the bug.