Re: [PATCH 1/2] udhcpc6: carry along length of packet when parsing it.

David Decotigny 於 2018年5月24日 週四 23:38 寫道： > This is to avoid parsing garbage past packet's actual end. > > Also const-ize params to a few functions. > > Signed-off-by: David Decotigny > I wonder if parsing such "garbage" has security implications. >

Re: [PATCH] fsck: Fix incorrect handling of child exit

Thanks! That will probably also do, though it isn't as legit as it could be: https://www.gnu.org/software/libc/manual/html_node/Process-Completion-Status.html says the return value of WEXITSTATUS is only well-defined "If WIFEXITED is true of status". So it would make sense to use WEXITSTATUS

[PATCH] wget: don't silently ignore certificate validation

Internal TLS code (FEATURE_WGET_HTTPS) does not implement validation of the server's certificate. It is documented in the code, but not even mentioned in the --help message, so users typically don't know about this behaviour. That's a crime against security! This patch changes this behaviour for

Re: [PATCH 2/2] udhcpc6: ignore invalid OPTION_IAADDR

https://tools.ietf.org/html/rfc3315#section-22.6 > On May 24, 2018, at 11:58 AM, Baruch Siach wrote: > > Hi David, > > On Thu, May 24, 2018 at 08:30:16AM -0700, David Decotigny wrote: >> Ref: http://go/rfc/3315#section-22.6

Re: [PATCH 2/2] udhcpc6: ignore invalid OPTION_IAADDR

Applied, thanks. On Thu, May 24, 2018 at 5:30 PM, David Decotigny wrote: > Ref: http://go/rfc/3315#section-22.6 > > Signed-off-by: David Decotigny > --- > networking/udhcp/d6_dhcpc.c | 4 > 1 file changed, 4 insertions(+) > > diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_d

Re: [PATCH 2/2] udhcpc6: ignore invalid OPTION_IAADDR

Hi David, On Thu, May 24, 2018 at 08:30:16AM -0700, David Decotigny wrote: > Ref: http://go/rfc/3315#section-22.6 This URL doesn't work here. Is is kind of Google internal thing? baruch > Signed-off-by: David Decotigny > --- > networking/udhcp/d6_dhcpc.c | 4 > 1 file changed, 4 insertio

[PATCH 1/2] udhcpc6: carry along length of packet when parsing it.

This is to avoid parsing garbage past packet's actual end. Also const-ize params to a few functions. Signed-off-by: David Decotigny --- networking/udhcp/d6_dhcpc.c | 40 +++-- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/networking/udhcp/d6_dhc

[PATCH 2/2] udhcpc6: ignore invalid OPTION_IAADDR

Ref: http://go/rfc/3315#section-22.6 Signed-off-by: David Decotigny --- networking/udhcp/d6_dhcpc.c | 4 1 file changed, 4 insertions(+) diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_dhcpc.c index 39b0501ad..c6276f97b 100644 --- a/networking/udhcp/d6_dhcpc.c +++ b/networki

Please PGP-sign releases

Currently busybox distributes the file https://busybox.net/downloads/busybox-1.28.4.tar.bz2.sign which is an armored plaintext file containing inline md5sums/sha1sums in a sea of text which cannot be easily parsed by e.g. distro packaging tooling. (FWIW, I'm a distro packager who would like to use

Re: [PATCH] fsck: Fix incorrect handling of child exit

Fixed in a bit different form. Thanks! On Tue, May 8, 2018 at 4:47 PM, Niklas Hambüchen wrote: > In commit > > c4fb8c6a - fsck: do not use statics > > not only statics were changed but also a couple of > statics-unrelated changes were made. > > This included the handling of the child terminatio