Request 1068066: Submit libdwarf - openSUSE Build Service

Overview

Request 1068066 accepted

- update to 0.6.0:
Fixes for Denial Of Service (possible libdwarf crash):
* The dealloc required for dwarf_offset_list() was incorrect,
possibly leading to a crash.
* The function prototype for dwarf_dietype_offset() changed so
it can work correctly on DWARF4 objects.
* A memory leak from dwarf_load_loclists() has been fixed.
* The function dwarf_get_pubtypes() changed, Dwarf_Type no longer
exists, correcting a library design mistake made in 1993.
The function applied to DWARF3 and DWARF4 objects.
* The set of functions using Dwarf_Type are gone, use Dwarf_Global
instead. An object with DW_FORM_strx3 (DWARF5) could result in
the library either crashing or returning an inappropriate error.
DW_FORM_strx3 is now handled
* https://newreleases.io/github/davea42/libdwarf-code?version=v0.6.0

Created by dirkmueller almost 2 years ago
In state accepted

Submit libdwarf

Comments for request 1068066 0

Login required, please login in order to comment

Request History

dirkmueller created request almost 2 years ago

- update to 0.6.0:
Fixes for Denial Of Service (possible libdwarf crash):
* The dealloc required for dwarf_offset_list() was incorrect,
possibly leading to a crash.
* The function prototype for dwarf_dietype_offset() changed so
it can work correctly on DWARF4 objects.
* A memory leak from dwarf_load_loclists() has been fixed.
* The function dwarf_get_pubtypes() changed, Dwarf_Type no longer
exists, correcting a library design mistake made in 1993.
The function applied to DWARF3 and DWARF4 objects.
* The set of functions using Dwarf_Type are gone, use Dwarf_Global
instead. An object with DW_FORM_strx3 (DWARF5) could result in
the library either crashing or returning an inappropriate error.
DW_FORM_strx3 is now handled
* https://newreleases.io/github/davea42/libdwarf-code?version=v0.6.0

factory-auto added opensuse-review-team as a reviewer almost 2 years ago

Please review sources

factory-auto accepted review almost 2 years ago

Check script succeeded

staging-bot added as a reviewer almost 2 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:23"

staging-bot accepted review almost 2 years ago

Picked "openSUSE:Factory:Staging:adi:23"

licensedigger accepted review almost 2 years ago

The legal review is accepted preliminary. The package may require actions later on.

dimstar accepted review almost 2 years ago

dimstar_suse accepted review almost 2 years ago

Staging Project openSUSE:Factory:Staging:adi:23 got accepted.

dimstar_suse approved review almost 2 years ago

Staging Project openSUSE:Factory:Staging:adi:23 got accepted.

dimstar_suse accepted request almost 2 years ago

Staging Project openSUSE:Factory:Staging:adi:23 got accepted.

openSUSE Build Service is sponsored by