RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2026-01-19 10:31:00 +00:00
Code Issues Activity Actions
serenity/Libraries
History
Ben Wiederhake aa36e9917c LibC: Prefer strlcpy over strcpy in getgrent(), fix overflow 
An overlong group name in /etc/groups would have caused getgrent() to overflow
the global __grdb_entry. Curiously, overflow *within* __grdb_entry seems to have
no detrimental effects.

However, it was possible for a malicious sysadmin(?!) to craft an /etc/group
that overflows outside of the page allocated for __grdb_entry thus crash the
calling process. This affected at least SystemServer and su.

Now, the group name will be simply truncated. For display purposes, this is
fine. In case there is an exceptionally long group, it will not be properly
recognized. Also, a malicious /etc/groups might cause the caller of getgrent()
to become confused, but that is unavoidable.
2020-08-24 00:45:03 +02:00
..
LibAudio AK: Rename KB, MB, GB to KiB, MiB, GiB 2020-08-16 16:33:28 +02:00
LibC LibC: Prefer strlcpy over strcpy in getgrent(), fix overflow 2020-08-24 00:45:03 +02:00
LibChess LibChess: Shrink Chess::Piece from 8 bytes to 1 byte 2020-08-21 13:46:07 +02:00
LibCompress LibCompress: Turn the DEFLATE implementation into a stream. 2020-08-20 16:28:31 +02:00
LibCore LibCore: Fix spelling for month of "August" 2020-08-22 11:54:30 +02:00
LibCrypt LibCrypt: Add LibCrypt, crypt, and crypt_r 2020-07-28 17:07:22 +02:00
LibCrypto LibCrypto: Don't cause errors when function unused 2020-08-23 00:53:16 +02:00
LibDebug HackStudio: Implement "Step Over" debugging action 2020-08-22 09:48:59 +02:00
LibDesktop FileManager: Allow double-clicking applications again 2020-07-15 00:11:30 +02:00
LibELF LibELF: Ignore PT_GNU_STACK headers 2020-08-20 10:12:45 +02:00
LibGemini AK: Rename KB, MB, GB to KiB, MiB, GiB 2020-08-16 16:33:28 +02:00
LibGfx LibGUI+LibGfx: Implement upside-down appearance for bottom-side tabs 2020-08-23 23:53:45 +02:00
LibGUI LibGUI: Fix an unsightly pixel glitch in bottom-side tabs 2020-08-24 00:05:40 +02:00
LibHTTP LibHTTP: Fix processing terminating chunk 2020-08-19 15:28:31 +02:00
LibImageDecoderClient ImageDecoder: Add a new service for out-of-process image decoding :^) 2020-06-22 21:47:00 +02:00
LibIPC LibIPC: Fix waiting for specific message 2020-08-03 15:59:11 +02:00
LibJS LibJS: Implement Date.getUTC* 2020-08-23 22:00:05 +02:00
LibKeyboard Kernel+LibKeyboard: Store the keymap name when setting system keymap 2020-08-06 17:45:06 +02:00
LibLine LibLine: Correct weird arrow up/down behaviour 2020-08-23 15:36:11 +02:00
LibM LibM: Mark compilation-unit-only functions as static 2020-08-12 20:40:59 +02:00
LibMarkdown LibMarkdown: Reset offset to 0 on each new List line 2020-07-14 17:45:16 +02:00
LibPCIDB LibPCIDB: Mark compilation-unit-only functions as static 2020-08-12 20:40:59 +02:00
LibProtocol ProtocolServer+LibTLS: Pipe certificate requests from LibTLS to clients 2020-08-02 18:57:51 +02:00
LibPthread AK: Rename KB, MB, GB to KiB, MiB, GiB 2020-08-16 16:33:28 +02:00
LibTextCodec LibTextCodec: Mark compilation-unit-only functions as static 2020-08-12 20:40:59 +02:00
LibThread LibThread: Uninitialized member variable in Thread, found by Coverity 2020-08-17 09:17:57 +02:00
LibTLS Meta: Fix wrong 'using namespace X' usages 2020-08-23 00:53:16 +02:00
LibUnwind LibUnwind: Create UnwindBase.h to capture the EH ABI in code 2020-05-14 08:50:10 +02:00
LibVT WindowServer+LibVT: Convert some dbgprintf() to dbg() 2020-08-18 17:19:52 +02:00
LibWeb LibWeb: InProcessWebView::selected_text() should use the focused frame 2020-08-21 18:58:21 +02:00
LibX86 LibX86: Remove some allocations from Instruction::to_string 2020-08-16 19:38:55 +02:00
CMakeLists.txt Chess: Refactor game logic into LibChess for use in engines 2020-08-21 12:26:30 +02:00