[PATCH v3 0/22] hardening allocations against integer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Feb 19, 2016 at 06:19:41AM -0500, Jeff King wrote:

> Here's a re-roll of jk/tighten-alloc series from:
> 
>   http://thread.gmane.org/gmane.comp.version-control.git/286253

And here's v3. The changes this time (and philosophical rationalization
of changes I didn't make) are pretty small:

  - flip the order of arguments to st_mult() in ALLOC_ARRAY, et al, to
    get a probably-irrelevant-but-so-easy-why-not optimization

  - mark new global var in daemon.c as static

  - add argv_array_detach (new patch 6) to avoid gross memory management
    when converting line-log to use argv_array in the subsequent patch

So I hope this one is ready for 'next'.  Thanks René, Ramsay, and Eric
for reviewing.

  [01/22]: reflog_expire_cfg: NUL-terminate pattern field
  [02/22]: add helpers for detecting size_t overflow
  [03/22]: tree-diff: catch integer overflow in combine_diff_path allocation
  [04/22]: harden REALLOC_ARRAY and xcalloc against size_t overflow
  [05/22]: add helpers for allocating flex-array structs
  [06/22]: argv-array: add detach function
  [07/22]: convert manual allocations to argv_array
  [08/22]: convert trivial cases to ALLOC_ARRAY
  [09/22]: use xmallocz to avoid size arithmetic
  [10/22]: convert trivial cases to FLEX_ARRAY macros
  [11/22]: use st_add and st_mult for allocation size computation
  [12/22]: prepare_{git,shell}_cmd: use argv_array
  [13/22]: write_untracked_extension: use FLEX_ALLOC helper
  [14/22]: fast-import: simplify allocation in start_packfile
  [15/22]: fetch-pack: simplify add_sought_entry
  [16/22]: test-path-utils: fix normalize_path_copy output buffer size
  [17/22]: sequencer: simplify memory allocation of get_message
  [18/22]: git-compat-util: drop mempcpy compat code
  [19/22]: transport_anonymize_url: use xstrfmt
  [20/22]: diff_populate_gitlink: use a strbuf
  [21/22]: convert ewah/bitmap code to use xmalloc
  [22/22]: ewah: convert to REALLOC_ARRAY, etc

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]