| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Use-correct-types-for-sizes-to-avoid-overwriting-unr.patch | Use correct types for sizes to avoid overwriting unrelated data sig_size is declared as uint32_t, but later typecast to size_t, which is significantly wider on 64-bit architectures. To avoid potential issues in other places, promote sizes and lengths to size_t/ssize_t where this makes sense |
Andrej Shadura <andrew.shadura@collabora.co.uk> | no | 2020-01-30 | ||
| 0002-Check-the-hash-algorithm-before-possibly-failing-to-.patch | Check the hash algorithm before (possibly failing to) malloc malloc only accepts unsigned sizes, so failing to catch a negative size as an errorcode will result in a malloc call with an enormous value, leading to an allocation failure and a nonsensical error message. |
Andrej Shadura <andrew.shadura@collabora.co.uk> | no | 2020-01-30 |