https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd From d1a5ede5d255bde8ef707f8441b997563b9312bd Mon Sep 17 00:00:00 2001 From: Nathan Crandall Date: Tue, 12 Jul 2022 08:56:34 +0200 Subject: gweb: Fix OOB write in received_data() There is a mismatch of handling binary vs. C-string data with memchr and strlen, resulting in pos, count, and bytes_read to become out of sync and result in a heap overflow. Instead, do not treat the buffer as an ASCII C-string. We calculate the count based on the return value of memchr, instead of strlen. Fixes: CVE-2022-32292 --- gweb/gweb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gweb/gweb.c b/gweb/gweb.c index 12fcb1d8..13c6c5f2 100644 --- a/gweb/gweb.c +++ b/gweb/gweb.c @@ -918,7 +918,7 @@ static gboolean received_data(GIOChannel *channel, GIOCondition cond, } *pos = '\0'; - count = strlen((char *) ptr); + count = pos - ptr; if (count > 0 && ptr[count - 1] == '\r') { ptr[--count] = '\0'; bytes_read--; -- cgit t/'>aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/aux-files/python/sitecustomize.py
AgeCommit message (Expand)Author
2022-01-10sitecustomize.py: Honor .pth files....Fixes <https://issues.guix.gnu.org/52269>. * gnu/packages/aux-files/python/sitecustomize.py: Use site.addsitedirs to add the site directories; this takes care of the .pth files. Make sure the added items still appear before Python's own 'site-packages' directory. Maxim Cournoyer
2021-11-11aux-files: sitecustomize: Cleanup and add explanatory comments....Fixes <https://issues.guix.gnu.org/50105>. * gnu/packages/aux-files/python/sitecustomize.py: Add a comment explaining the general idea, and use sys.prefix instead of sys.executable. (major_minor): Use the unpacking operator (*) to provide the arguments. (site_packages_prefix): Use os.path.join to form the path. (python_site): Likewise. Use sys.prefix instead of sys.executable. (all_sites_raw): Split on os.path.pathsep. (sys.path): Directly splice the result in the list. Suggested-by: Hartmut Goebel <h.goebel@crazy-compilers.com> Reported-by: Mathieu Othacehe <othacehe@gnu.org> Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Maxim Cournoyer
2021-02-01gnu: python: Replace PYTHONPATH by GUIX_PYTHONPATH....Using PYTHONPATH as a mean to discover the Python packages had the following issues: 1. It is not versioned, so different versions of Python would clash if installed in a shared profile. 2. It would interfere with the host Python site on foreign distributions, sometimes preventing a a user to login their GDM session (!). 3. It would take precedence over user installed Python packages installed through pip. 4. It would leak into Python virtualenvs, which are supposed to create isolated Python environments. This changes fixes the above issues by making use of a sitecustomize.py module. The newly introduced GUIX_PYTHONPATH environment variable is read from the environment, filtered for the current Python version of the interpreter, and spliced in 'sys.path' just before Python's own site location, which provides the expected behavior. * gnu/packages/aux-files/python/sitecustomize.py: New file. * Makefile.am: Register it. * gnu/packages/python.scm (customize-site) (guix-pythonpath-search-path): New procedures. (python-2.7)[phases]{install-sitecustomize.py}: New phase. [native-inputs]{sitecustomize.py}: New input. [native-search-paths]: Replace PYTHONPATH with GUIX_PYTHONPATH. (python-3.9)[native-search-paths]: Likewise. [phases]{install-sitecustomize}: Override with correct version. [native-search-paths]: Replace PYTHONPATH with GUIX_PYTHONPATH. * gnu/packages/commencement.scm (python-boot0): [phases]{install-sitecustomize}: Likewise. [native-inputs]{sitecustomize.py}: New input. [native-search-paths]: Replace PYTHONPATH with GUIX_PYTHONPATH. * guix/build/python-build-system.scm (site-packages): Do not add a trailing '/'. squash! gnu: python: Replace PYTHONPATH by GUIX_PYTHONPATH. Maxim Cournoyer