1. 29 May, 2019 1 commit
    • Vladimír Čunát's avatar
      daemon TCP to upstream: don't send wrong message length · 10a113d7
      Vladimír Čunát authored
      See the added comments.  Such bugs are tricky, because the old code
      would typically work just fine, only if libuv/OS decided to postpone
      copying the data (perhaps large load), we would send two bytes from
      this address on C stack - their later value (hard to predict what).
      
      Security risks: the two bytes might theoretically contain information
      that was more or less private and we just send it to some DNS server
      (possibly over unencrypted TCP), but ATM I find it very unlikely that
      this bug could be practically exploited.
      10a113d7
  2. 28 May, 2019 2 commits
  3. 22 May, 2019 2 commits
  4. 29 Apr, 2019 2 commits
  5. 18 Apr, 2019 15 commits
  6. 17 Apr, 2019 2 commits
    • Vladimír Čunát's avatar
      lua module layers: avoid incorrect returns on errors · 1ad8c45e
      Vladimír Čunát authored
      The layer functions are supposed to return the new state.
      We've been lucky that errors are negative numbers and thus
      they typically passed the (status & KR_STATE_FAIL) test.
      1ad8c45e
    • Vladimír Čunát's avatar
      module API+ABI: remove one level of indirection · 176b1c28
      Vladimír Čunát authored
      ... for layers and props.  This breaks C module API+ABI.
      
      It seemed weird to repeatedly call a function that returns a pointer
      to a structure in which we find the function we want to actually call.
      We've never used changing these functions AFAIK, and the target
      functions could easily be written to change their behavior instead
      (i.e. move the indirection *inside* the function).
      
      When breaking this, I also removed these two (_layers and _props)
      from the dynamic symbols (to be) exported from the C modules.
      They always pointed to memory belonging inside the module,
      and they seem quite sensible to be set up by the _init symbol instead.
      176b1c28
  7. 16 Apr, 2019 1 commit
  8. 11 Apr, 2019 14 commits
  9. 10 Apr, 2019 1 commit