Commits
- Commit:
6468868fee132f062133ad9a1d373ef213e689f1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
print a deprecation message for the map rule
- Commit:
4ee085938fdea146bb03cbf9d22927207f777e65
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't mention the `map' rule anymore: `types' is way better
- Commit:
381fccdc5678f3c47b09fca182a68d0515cbdf66
- From:
- Omar Polo <op@omarpolo.com>
- Date:
lower padding
- Commit:
a9885c6d6b49a7d577417ea6987559062d8b361d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove outdated note
- Commit:
effbc069ba6d954276182d63a7914d2a784bcffb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
suggest to reload daemons too
- Commit:
379d2608e9b3449d3fb8aba8b383643e177e119a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
suggest /etc/systemd/system instead of /lib/
- Commit:
a9dc6fc60661479bf7961e8198dcdd2746abdacc
- From:
- Omar Polo <op@omarpolo.com>
- Date:
rephrase dockerfile description
- Commit:
456a4c6b6e2d1e506816be64dfc7cb36ca0c822a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add a "contributing" section
- Commit:
2a7f69f4eeb32a561a5a731e05145136030b4a71
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix `make static': compile `gg' too!
- Commit:
4252e62cad7a923226723cb2f0f054c12b89b3c2
- From:
- Omar Polo <op@omarpolo.com>
- Date:
"a posix libc" can be left implicit
- Commit:
a68203f089038d253de90759aaf385f79d3ec861
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove docker section; it's already showed off in the contrib page
- Commit:
f6a65aaef915b0bf8d08f912f40ab132316df8bb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
link the tar.bz2 too
- Commit:
efe75a7660c162c805f528162abc067f9bbe7b7d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
missing version bump in the site generator
- Commit:
1a04137e1869781efcd635a1abd4387ccfa6e56d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.3 -- "Lightbulb Sun" bugfix release
gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================
Released March 27, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a possible out-of-bound access in the CGI handling. It was
introduced last October during a refactoring, but due to how
many malloc(3) implementations works this hasn't been found
until now. Otto' malloc is more strict fortunately.
- Commit:
ea27eaaa83d61792e75858dc624c58fe1fa13dc9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix an out-of-bound access in start_cgi
Long time ago, client->req was a static buffer so the memcpy was safe.
However, it's been since moved to a dynamically allocated string, so
it's very often smaller than sizeof(req.buf) (1024), hence the out of
bound access which results in a SIGSEGV very often on OpenBSD thanks to
Otto' malloc.
The situation with the iri parser, client->req and how the request is
forwarded to the other process needs to be improved: this is just a fix
to address the issue quickly, a better one would be to restructure the
iri parser APIs and rethink how the info is forwarded to the ex process.