1. 30 Nov, 2018 1 commit
    • David Mitchell's avatar
      Perl_my_setenv(); handle integer wrap · 479e665b
      David Mitchell authored
      RT #133204
      
      Wean this function off int/I32 and onto UV/Size_t.
      Also, replace all malloc-ish calls with a wrapper that does
      overflow checks,
      
      In particular, it was doing (nlen + vlen + 2) which could wrap when
      the combined length of the environment variable name and value
      exceeded around 0x7fffffff.
      
      The wrapper check function is probably overkill, but belt and braces...
      
      NB this function has several variant parts, #ifdef'ed by platform
      type; I have blindly changed the parts that aren't compiled under linux.
      
      [Backported to Perl 5.20 by Dominic Hargreaves for Debian;
      whitespace changes only]
      
      Origin: upstream
      Patch-Name: fixes/CVE-2018-18311.diff
      479e665b
  2. 30 Apr, 2016 1 commit
  3. 27 Feb, 2015 1 commit
  4. 30 Aug, 2014 1 commit
  5. 09 May, 2014 1 commit
  6. 11 May, 2013 1 commit
  7. 06 May, 2013 1 commit
  8. 02 Nov, 2012 1 commit
  9. 10 Oct, 2012 1 commit
  10. 12 May, 2012 1 commit
  11. 25 Apr, 2011 1 commit
  12. 29 Mar, 2010 1 commit
  13. 19 Aug, 2009 1 commit
  14. 16 Aug, 2009 1 commit
  15. 04 Jan, 2009 1 commit
  16. 06 May, 2008 12 commits