mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-04-29 18:32:20 +02:00

Commit Graph

Author	SHA1	Message	Date
Vivek Kumbhar	c34e0e1e0f	go: fix CVE-2023-24537 Infinite loop in parsing Setting a large line or column number using a //line directive can cause integer overflow even in small source files. Limit line and column numbers in //line directives to 2^30-1, which is small enough to avoid int32 overflow on all reasonbly-sized files. Fixes CVE-2023-24537 Fixes #59273 For #59180 (From OE-Core rev: 15c07dff384ce4fb0e90f4f32c182a82101a1c82) Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2023-04-26 04:03:21 -10:00

Author

SHA1

Message

Date

Vivek Kumbhar

c34e0e1e0f

go: fix CVE-2023-24537 Infinite loop in parsing

Setting a large line or column number using a //line directive can cause
integer overflow even in small source files.

Limit line and column numbers in //line directives to 2^30-1, which
is small enough to avoid int32 overflow on all reasonbly-sized files.

Fixes CVE-2023-24537
Fixes #59273
For #59180

(From OE-Core rev: 15c07dff384ce4fb0e90f4f32c182a82101a1c82)

Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2023-04-26 04:03:21 -10:00

1 Commits