Commits

commits@lists.kronosnet.org

1 participants
19618 discussions

[kronosnet/kronosnet] 38e409: [build] add --with-sanitizers= option for sanitize...

by Fabio M. Di Nitto

Branch: refs/heads/master Home: https://github.com/kronosnet/kronosnet Commit: 38e40998ec6b843218251a2b56cb056d5b9fbc6e https://github.com/kronosnet/kronosnet/commit/38e40998ec6b843218251a2b56cb0… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add --with-sanitizers= option for sanitizer builds this option is stricly meant for runtime debugging purposes. do NOT use in production. check gcc/clang man pages on how to use ASAN/UBSAN/TSAN. Also allow users to specificy SANITIZERS_CFLAGS and SANITIZERS_LDFLAGS for advanced use. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com> Commit: 7c470fe6fe90d7a523ca0bfc238ed89e0948f940 https://github.com/kronosnet/kronosnet/commit/7c470fe6fe90d7a523ca0bfc238ed… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- Merge pull request #263 from kronosnet/runtime-debug [build] add --with-sanitizers= option for sanitizer builds Compare: https://github.com/kronosnet/kronosnet/compare/f2f1fe9162ca...7c470fe6fe90

4 years, 11 months

[kronosnet/kronosnet]

by kronosnet CI bot

Branch: refs/heads/coverity_scan Home: https://github.com/kronosnet/kronosnet

4 years, 11 months

[kronosnet/kronosnet] 38e409: [build] add --with-sanitizers= option for sanitize...

by Fabio M. Di Nitto

Branch: refs/heads/runtime-debug Home: https://github.com/kronosnet/kronosnet Commit: 38e40998ec6b843218251a2b56cb056d5b9fbc6e https://github.com/kronosnet/kronosnet/commit/38e40998ec6b843218251a2b56cb0… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add --with-sanitizers= option for sanitizer builds this option is stricly meant for runtime debugging purposes. do NOT use in production. check gcc/clang man pages on how to use ASAN/UBSAN/TSAN. Also allow users to specificy SANITIZERS_CFLAGS and SANITIZERS_LDFLAGS for advanced use. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>

4 years, 11 months

[kronosnet/kronosnet] f2f1fe: Merge pull request #262 from ThomasLamprecht/fix-d...

by Fabio M. Di Nitto

Branch: refs/heads/coverity_scan Home: https://github.com/kronosnet/kronosnet Commit: f2f1fe9162ca82d45187ab0b26009207932686f0 https://github.com/kronosnet/kronosnet/commit/f2f1fe9162ca82d45187ab0b26009… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- Merge pull request #262 from ThomasLamprecht/fix-doxyxml-overflow doxyxml: print_param: fix heap-buffer-overflow on read Commit: 8aed30b407ba138f07d31e51c56bd64d0c0671a4 https://github.com/kronosnet/kronosnet/commit/8aed30b407ba138f07d31e51c56bd… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add options for ASAN/UBSAN/TSAN runtime sanitizer builds those options are stricly meant for runtime debugging purposes. do NOT use in production. check gcc/clang man pages on how to use ASAN/UBSAN/TSAN. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com> Compare: https://github.com/kronosnet/kronosnet/compare/f2bb002911d6...8aed30b407ba

4 years, 11 months

[kronosnet/kronosnet] 8aed30: [build] add options for ASAN/UBSAN/TSAN runtime sa...

by Fabio M. Di Nitto

Branch: refs/heads/runtime-debug Home: https://github.com/kronosnet/kronosnet Commit: 8aed30b407ba138f07d31e51c56bd64d0c0671a4 https://github.com/kronosnet/kronosnet/commit/8aed30b407ba138f07d31e51c56bd… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add options for ASAN/UBSAN/TSAN runtime sanitizer builds those options are stricly meant for runtime debugging purposes. do NOT use in production. check gcc/clang man pages on how to use ASAN/UBSAN/TSAN. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>

4 years, 11 months

[kronosnet/kronosnet] b8e5f8: [build] add options for ASAN and UBSAN builds

by Fabio M. Di Nitto

Branch: refs/heads/runtime-debug Home: https://github.com/kronosnet/kronosnet Commit: b8e5f8a6a5a676703333ac3a0101e91fbf54de78 https://github.com/kronosnet/kronosnet/commit/b8e5f8a6a5a676703333ac3a0101e… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M configure.ac M man/Makefile.am Log Message: ----------- [build] add options for ASAN and UBSAN builds those options are stricly meant for runtime debugging purposes. do NOT use in production. check gcc man pages on how to use ASAN and UBSAN. Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>

4 years, 11 months

[kronosnet/kronosnet] f2bb00: doxyxml: print_param: fix heap-buffer-overflow on ...

by Fabio M. Di Nitto

Branch: refs/heads/master Home: https://github.com/kronosnet/kronosnet Commit: f2bb002911d669f1b8c07cba5f86c580d4e30bf3 https://github.com/kronosnet/kronosnet/commit/f2bb002911d669f1b8c07cba5f86c… Author: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Date: 2019-10-08 (Tue, 08 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- doxyxml: print_param: fix heap-buffer-overflow on read in read_struct we can get the pi->paramtype assigned with: > pi->paramtype = type?strdup(type):strdup(""); And in print_param we then always check the last character by getting the strlen and subtracting one. But in the case where either type was NULL and we assigned an empty string, or type wasn't null but pointing to an empty string we ran into an read-heap-buffer-overflow as here strlen is zero, and so we the first if branch evaluated to > if (pi->paramtype[-1] == '*') { which isn't valid. Depending on the OS, protection of surrounding area due to said OS or the compiler, this can crash the program. Similar issue was the case for the next check for double pointers, here for all strings with strlen < 2. To solve this get the strlen early and check if we cannot underflow before doing the real read. Signed-off-by: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Commit: f2f1fe9162ca82d45187ab0b26009207932686f0 https://github.com/kronosnet/kronosnet/commit/f2f1fe9162ca82d45187ab0b26009… Author: Fabio M. Di Nitto <fdinitto(a)redhat.com> Date: 2019-10-09 (Wed, 09 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- Merge pull request #262 from ThomasLamprecht/fix-doxyxml-overflow doxyxml: print_param: fix heap-buffer-overflow on read Compare: https://github.com/kronosnet/kronosnet/compare/a0128b93d4a6...f2f1fe9162ca

4 years, 11 months

[kronosnet/kronosnet] f2bb00: doxyxml: print_param: fix heap-buffer-overflow on ...

by Thomas Lamprecht

Branch: refs/heads/coverity_scan Home: https://github.com/kronosnet/kronosnet Commit: f2bb002911d669f1b8c07cba5f86c580d4e30bf3 https://github.com/kronosnet/kronosnet/commit/f2bb002911d669f1b8c07cba5f86c… Author: Thomas Lamprecht <t.lamprecht(a)proxmox.com> Date: 2019-10-08 (Tue, 08 Oct 2019) Changed paths: M man/doxyxml.c Log Message: ----------- doxyxml: print_param: fix heap-buffer-overflow on read in read_struct we can get the pi->paramtype assigned with: > pi->paramtype = type?strdup(type):strdup(""); And in print_param we then always check the last character by getting the strlen and subtracting one. But in the case where either type was NULL and we assigned an empty string, or type wasn't null but pointing to an empty string we ran into an read-heap-buffer-overflow as here strlen is zero, and so we the first if branch evaluated to > if (pi->paramtype[-1] == '*') { which isn't valid. Depending on the OS, protection of surrounding area due to said OS or the compiler, this can crash the program. Similar issue was the case for the next check for double pointers, here for all strings with strlen < 2. To solve this get the strlen early and check if we cannot underflow before doing the real read. Signed-off-by: Thomas Lamprecht <t.lamprecht(a)proxmox.com>

4 years, 11 months

pacemaker-build-all-nonvoting - Build # 910 - Failure!

by jenkins＠kronosnet.org

pacemaker-build-all-nonvoting - Build # 910 - Failure: Check console output at https://ci.kronosnet.org/job/pacemaker-build-all-nonvoting/910/ to view the results.

4 years, 11 months

knet-build-all-voting - Build # 1503 - Failure!

by jenkins＠kronosnet.org

knet-build-all-voting - Build # 1503 - Failure: Check console output at https://ci.kronosnet.org/job/knet-build-all-voting/1503/ to view the results.

4 years, 11 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Commits