Commits October 2019

commits@lists.kronosnet.org

2 participants
174 discussions

[kronosnet/kronosnet] 8aed30: [build] add options for ASAN/UBSAN/TSAN runtime sa...
by Fabio M. Di Nitto 09 Oct '19

09 Oct '19

Branch: refs/heads/runtime-debug Home: https://github.com/kronosnet/kronosnet Commit: 8aed30b407ba138f07d31e51c56bd64d0c0671a4 https://github.com/kronosnet/kronosnet/commit/8aed30b407ba138f07d31e51c56bd… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add options for ASAN/UBSAN/TSAN runtime sanitizer builds those options are stricly meant for runtime debugging purposes. do NOT use in production. check gcc/clang man pages on how to use ASAN/UBSAN/TSAN. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>

1 0

[kronosnet/kronosnet] b8e5f8: [build] add options for ASAN and UBSAN builds
by Fabio M. Di Nitto 09 Oct '19

09 Oct '19

Branch: refs/heads/runtime-debug Home: https://github.com/kronosnet/kronosnet Commit: b8e5f8a6a5a676703333ac3a0101e91fbf54de78 https://github.com/kronosnet/kronosnet/commit/b8e5f8a6a5a676703333ac3a0101e… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add options for ASAN and UBSAN builds those options are stricly meant for runtime debugging purposes. do NOT use in production. check gcc man pages on how to use ASAN and UBSAN. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>

1 0

[kronosnet/kronosnet] f2bb00: doxyxml: print_param: fix heap-buffer-overflow on ...
by Fabio M. Di Nitto 09 Oct '19

09 Oct '19

Branch: refs/heads/master Home: https://github.com/kronosnet/kronosnet Commit: f2bb002911d669f1b8c07cba5f86c580d4e30bf3 https://github.com/kronosnet/kronosnet/commit/f2bb002911d669f1b8c07cba5f86c… Author: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Date: 2019-10-08 (Tue, 08 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- doxyxml: print_param: fix heap-buffer-overflow on read in read_struct we can get the pi->paramtype assigned with: > pi->paramtype = type?strdup(type):strdup(""); And in print_param we then always check the last character by getting the strlen and subtracting one. But in the case where either type was NULL and we assigned an empty string, or type wasn't null but pointing to an empty string we ran into an read-heap-buffer-overflow as here strlen is zero, and so we the first if branch evaluated to > if (pi->paramtype[-1] == '*') { which isn't valid. Depending on the OS, protection of surrounding area due to said OS or the compiler, this can crash the program. Similar issue was the case for the next check for double pointers, here for all strings with strlen < 2. To solve this get the strlen early and check if we cannot underflow before doing the real read. Signed-off-by: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Commit: f2f1fe9162ca82d45187ab0b26009207932686f0 https://github.com/kronosnet/kronosnet/commit/f2f1fe9162ca82d45187ab0b26009… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- Merge pull request #262 from ThomasLamprecht/fix-doxyxml-overflow doxyxml: print_param: fix heap-buffer-overflow on read Compare: https://github.com/kronosnet/kronosnet/compare/a0128b93d4a6...f2f1fe9162ca

1 0

[kronosnet/kronosnet] f2bb00: doxyxml: print_param: fix heap-buffer-overflow on ...
by Thomas Lamprecht 09 Oct '19

09 Oct '19

Branch: refs/heads/coverity_scan Home: https://github.com/kronosnet/kronosnet Commit: f2bb002911d669f1b8c07cba5f86c580d4e30bf3 https://github.com/kronosnet/kronosnet/commit/f2bb002911d669f1b8c07cba5f86c… Author: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Date: 2019-10-08 (Tue, 08 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- doxyxml: print_param: fix heap-buffer-overflow on read in read_struct we can get the pi->paramtype assigned with: > pi->paramtype = type?strdup(type):strdup(""); And in print_param we then always check the last character by getting the strlen and subtracting one. But in the case where either type was NULL and we assigned an empty string, or type wasn't null but pointing to an empty string we ran into an read-heap-buffer-overflow as here strlen is zero, and so we the first if branch evaluated to > if (pi->paramtype[-1] == '*') { which isn't valid. Depending on the OS, protection of surrounding area due to said OS or the compiler, this can crash the program. Similar issue was the case for the next check for double pointers, here for all strings with strlen < 2. To solve this get the strlen early and check if we cannot underflow before doing the real read. Signed-off-by: Thomas Lamprecht <t.lamprecht(a)proxmox.com>

1 0

pacemaker-build-all-nonvoting - Build # 910 - Failure!
by jenkins＠kronosnet.org 08 Oct '19

08 Oct '19

pacemaker-build-all-nonvoting - Build # 910 - Failure: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-nonvoting/910/ to view the results.

1 0

knet-build-all-voting - Build # 1503 - Failure!
by jenkins＠kronosnet.org 07 Oct '19

07 Oct '19

knet-build-all-voting - Build # 1503 - Failure: Check console output at https://ci.kronosnet.org/job/knet-build-all-voting/1503/ to view the results.

1 1

pacemaker-build-all-voting - Build # 1733 - Failure!
by jenkins＠kronosnet.org 04 Oct '19

04 Oct '19

pacemaker-build-all-voting - Build # 1733 - Failure: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-voting/1733/ to view the results.

1 4

pacemaker-build-all-voting - Build # 1731 - Still Failing!
by jenkins＠kronosnet.org 03 Oct '19

03 Oct '19

pacemaker-build-all-voting - Build # 1731 - Still Failing: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-voting/1731/ to view the results.

1 0

pacemaker-build-all-voting - Build # 1728 - Failure!
by jenkins＠kronosnet.org 03 Oct '19

03 Oct '19

pacemaker-build-all-voting - Build # 1728 - Failure: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-voting/1728/ to view the results.

1 1

pacemaker-build-all-voting - Build # 1726 - Failure!
by jenkins＠kronosnet.org 02 Oct '19

02 Oct '19

pacemaker-build-all-voting - Build # 1726 - Failure: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-voting/1726/ to view the results.

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Commits October 2019