diff options
author | Taylor Blau <me@ttaylorr.com> | 2023-04-14 18:46:59 +0300 |
---|---|---|
committer | Johannes Schindelin <johannes.schindelin@gmx.de> | 2023-04-17 22:15:42 +0300 |
commit | 528290f8c61222433a8cf02fb7cfffa8438432b4 (patch) | |
tree | e3512cac669507c04ca5378f215230b8e7b26a78 /remote.c | |
parent | 4fe5d0b10afdc9ac5b703605b8d84d1ce5d71e87 (diff) | |
parent | 3bb3d6bac5f2b496dfa2862dc1a84cbfa9b4449a (diff) |
Merge branch 'tb/config-copy-or-rename-in-file-injection'
Avoids issues with renaming or deleting sections with long lines, where
configuration values may be interpreted as sections, leading to
configuration injection. Addresses CVE-2023-29007.
* tb/config-copy-or-rename-in-file-injection:
config.c: disallow overly-long lines in `copy_or_rename_section_in_file()`
config.c: avoid integer truncation in `copy_or_rename_section_in_file()`
config: avoid fixed-sized buffer when renaming/deleting a section
t1300: demonstrate failure when renaming sections with long lines
Signed-off-by: Taylor Blau <me@ttaylorr.com>
Diffstat (limited to 'remote.c')
0 files changed, 0 insertions, 0 deletions