svn commit: r305486 - head/usr.bin/bsdiff/bspatch
Shawn Webb
shawn.webb at hardenedbsd.org
Thu Sep 29 08:34:02 UTC 2016
On Tue, Sep 06, 2016 at 07:00:37PM +0000, Ed Maste wrote:
> Author: emaste
> Date: Tue Sep 6 19:00:37 2016
> New Revision: 305486
> URL: https://svnweb.freebsd.org/changeset/base/305486
>
> Log:
> bspatch: add sanity checks on sizes to avoid integer overflow
>
> Note that this introduces an explicit 2GB limit, but this was already
> implicit in variable and function argument types.
>
> This is based on the "non-cryptanalytic attacks against freebsd
> update components" anonymous gist. Further refinement is planned.
>
> Reviewed by: allanjude, cem, kib
> Obtained from: anonymous gist
> MFC after: 3 days
> Sponsored by: The FreeBSD Foundation
> Differential Revision: https://reviews.freebsd.org/D7619

Hey Ed,

Any plans to release a security announcement?

Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
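
The kind of size checks the commit log above describes, as an added example that is not the committed bspatch code and not part of this message. It assumes the bsdiff patch header layout (8-byte "BSDIFF40" magic followed by three 8-byte sign-magnitude lengths); the function names are illustrative and the sample headers are constructed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HDR_LEN 32  /* "BSDIFF40" magic + three 8-byte lengths */

/* Decode bsdiff's 8-byte little-endian sign-magnitude integer. */
static int64_t offtin(const unsigned char *b) {
    uint64_t y = b[7] & 0x7F;
    for (int i = 6; i >= 0; i--) y = (y << 8) | b[i];
    return (b[7] & 0x80) ? -(int64_t)y : (int64_t)y;
}

/* Build a constructed sample header (non-negative values only). */
static void make_header(unsigned char *h, int64_t c, int64_t d, int64_t n) {
    int64_t v[3] = { c, d, n };
    memcpy(h, "BSDIFF40", 8);
    for (int i = 0; i < 24; i++)
        h[8 + i] = (unsigned char)((uint64_t)v[i / 8] >> (8 * (i % 8)));
}

/* Return 0 if the header sizes are sane for a patch file of patch_len bytes. */
static int check_header(const unsigned char *h, int64_t patch_len, int64_t *new_size) {
    if (patch_len < HDR_LEN || memcmp(h, "BSDIFF40", 8) != 0) return -1;
    int64_t ctrl = offtin(h + 8), diff = offtin(h + 16), nsz = offtin(h + 24);
    /* Reject negative sizes and an output larger than the 2GB limit. */
    if (ctrl < 0 || diff < 0 || nsz < 0 || nsz > INT_MAX) return -1;
    /* Subtract from the known-good bound instead of summing untrusted values. */
    if (ctrl > patch_len - HDR_LEN || diff > patch_len - HDR_LEN - ctrl) return -1;
    *new_size = nsz;
    return 0;
}

/* Return 0 if one control tuple (add, extra) fits in the remaining output. */
static int check_ctrl(int64_t add, int64_t extra, int64_t pos, int64_t new_size) {
    if (pos < 0 || pos > new_size) return -1;
    if (add < 0 || add > new_size - pos) return -1;
    if (extra < 0 || extra > new_size - pos - add) return -1;
    return 0;
}

int main(void) {
    unsigned char h[HDR_LEN];
    int64_t nsz = 0;
    make_header(h, INT64_MAX, 200, 4096);  /* HDR_LEN + ctrl would overflow */
    printf("huge ctrl length rejected: %d\n", check_header(h, 1000, &nsz) != 0);
    return check_ctrl(INT64_MAX, 1, 10, 4096) == -1 ? 0 : 1;
}
```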