openwrt/toolchain
Petr Štetiar 4d4ef1058c musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.

This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.

All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-11-20 13:24:48 +01:00
..
binutils toolchain/binutils: update to 2.35.1 2020-10-04 18:57:33 +02:00
fortify-headers toolchain/fortify-headers: Update to 1.1 2019-07-28 09:43:49 +01:00
gcc toolchain: Update GCC 10 to version 10.2.0 2020-08-31 22:11:23 +02:00
gdb toolchain: gdb: Remove ARC patches 2020-11-01 20:54:37 +01:00
glibc glibc: update to latest 2.32 commit (BZ #25399) 2020-11-12 17:49:20 +01:00
kernel-headers toolchain/kernel-headers: don't use TARGET_CFLAGS 2019-10-16 16:10:38 +01:00
musl musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) 2020-11-20 13:24:48 +01:00
nasm toolchain: nasm: update to 2.15.05 2020-09-28 23:44:49 +01:00
uClibc uClibc-ng: refresh config and remove several legacy options 2020-08-24 18:53:59 +02:00
wrapper buildroot: allow specifying libc personality for external toolchains 2013-02-20 15:06:10 +00:00
Config.in toolchain: remove gcc libssp and use libc variant 2020-06-17 23:57:07 +02:00
info.mk uClibc cleanup: - use full version string (0.9.30.1), instead of base (0.9.30) + extra (.1) - remove support for 0.9.28 and snapshots (building from SVN to be added later) 2009-04-24 02:07:24 +00:00
Makefile Revert faulty tree push 2019-08-12 12:27:06 +02:00