• Vladimír Čunát's avatar
    daemon TCP to upstream: don't send wrong message length · 10a113d7
    Vladimír Čunát authored
    See the added comments.  Such bugs are tricky, because the old code
    would typically work just fine, only if libuv/OS decided to postpone
    copying the data (perhaps large load), we would send two bytes from
    this address on C stack - their later value (hard to predict what).
    
    Security risks: the two bytes might theoretically contain information
    that was more or less private and we just send it to some DNS server
    (possibly over unencrypted TCP), but ATM I find it very unlikely that
    this bug could be practically exploited.
    10a113d7
Name
Last commit
Last update
bench Loading commit data...
ci Loading commit data...
client Loading commit data...
contrib Loading commit data...
daemon Loading commit data...
distro Loading commit data...
doc Loading commit data...
etc Loading commit data...
lib Loading commit data...
modules Loading commit data...
scripts Loading commit data...
systemd Loading commit data...
tests Loading commit data...
.clang-tidy Loading commit data...
.dir-locals.el Loading commit data...
.gitattributes Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
.gitmodules Loading commit data...
.luacheckrc Loading commit data...
.travis.yml Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
CodingStyle Loading commit data...
Dockerfile Loading commit data...
NEWS Loading commit data...
README.md Loading commit data...
meson.build Loading commit data...
meson_options.txt Loading commit data...