upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/contrib
History
Mariusz Zaborski 3078dad2f2 libnv: verify that string is null terminated 
During unpacking, we ensure that we do not read beyond the
declared size. However, unpack uses a function that copies
null-terminated strings. Prior to this commit, if the last string
was not null-terminated, it could result in copying data into a
buffer smaller than the allocated size.

Security:       FreeBSD-24:09.libnv
Security:       CVE-2024-45288
Security:       CAP-03
Reported by:    Synacktiv
Sponsored by:   The Alpha-Omega Project
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D46138

(cherry picked from commit 3aaaca1b51ad844ef9e9b3d945217ab3dd189bae)
(cherry picked from commit 9c2ef10216)

Approved by:	so
2024-09-05 08:08:36 +02:00
..
alpine-hal Update Annapurna Alpine HAL 2016-09-20 09:19:22 +00:00
ck ck_queue: add CK_*_FOREACH_FROM 2023-02-25 10:34:06 -05:00
dev ice_ddp: Update package to 1.3.36.0 2024-04-24 15:14:48 -07:00
device-tree Import device-tree files from Linux 6.4 2023-08-09 15:32:31 +02:00
dpdk_rte_lpm spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
edk2 Document upgrade procedure in FREEBSD-upgrade 2020-06-04 20:48:57 +00:00
ena-com ena: Upgrade ena-com to freebsd v2.7.0 2024-01-14 21:18:10 +00:00
libb2 MFV: libb2: use native calls for secure memory clearance 2018-03-27 14:55:01 +00:00
libfdt MFV r328490: Update libfdt to github:f1879e1 2018-01-27 21:25:45 +00:00
libnv libnv: verify that string is null terminated 2024-09-05 08:08:36 +02:00
libsodium Add chacha20poly1305 support to crypto build 2020-02-16 00:03:09 +00:00
ncsw powerpc: Use valid prototypes for function declarations with no arguments. 2023-04-24 08:53:50 -07:00
openzfs Destroy ARC buffer in case of fill error 2024-07-10 07:59:41 +02:00
pcg-c/include pcg-c: Add 'static' to inline function definitions 2020-08-15 18:46:26 +00:00
rdma/krping irdma: Convert to IfAPI 2023-04-25 14:25:31 -04:00
v4l
vchiq/interface vchiq: Remove unused devclass argument to DRIVER_MODULE. 2022-05-10 10:21:39 -07:00
x86emu x86emu: remove localy added __FBSDID 2023-12-13 23:08:51 +00:00
xen xen: fetch dom0 video console information from Xen 2023-03-09 17:13:17 +01:00
xz-embedded MFV: xz-embedded 3f438e15109229bb14ab45f285f4bff5412a9542 2022-11-17 22:04:57 -08:00
zlib zlib: use more memory for a small deflate speedup. 2024-03-20 20:49:04 -07:00
zstd MFV: zstd 1.5.2 2023-01-27 17:22:31 +00:00