Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Upload event attachment #3

Merged
merged 5 commits into from
Mar 7, 2019
Merged

feat: Upload event attachment #3

merged 5 commits into from
Mar 7, 2019

Conversation

bruno-garcia
Copy link
Member

No description provided.

@bruno-garcia bruno-garcia requested a review from mitsuhiko March 7, 2019 09:56
mitsuhiko
mitsuhiko requested changes Mar 7, 2019
View reviewed changes
src/sentry.cpp Outdated Show resolved Hide resolved
@bruno-garcia bruno-garcia merged commit 98216e3 into master Mar 7, 2019
@bruno-garcia bruno-garcia deleted the feature/upload-event-attachment branch March 7, 2019 10:01
azat pushed a commit to azat-ch/sentry-native that referenced this pull request Sep 6, 2022
@alexey-milovidov
Merge pull request getsentry#3 from Civil/master
f431047 
Update modulefinder to compile on riscv
Strive-Sun added a commit to Strive-Sun/sentry-native that referenced this pull request Feb 22, 2024
@Strive-Sun
Add gzip compression (getsentry#3)
0804baf
supervacuus added a commit that referenced this pull request Oct 28, 2024
@supervacuus
fix: remove a potential overflow before conversion
d340a43 
This is in response to CodeQL security scan alert #1-#3.

`Elf[32|64]_Ehdr[.e_phnum|.e_phentsize|.e_shnum|.e_shentsize]` are all `uint16_t`, this means the loop-var `i` is bounded by `uint16_t` and should fit in a `uint32_t` (to prevent unsigned overflow in the loop). A switch to unsigned still makes sense, because we reduce the future chance of unnecessary signed overflow (=UB) in the loop body.

All program/section-header table entry sizes are cast to `uin64_t` even though the multiplication is bound to `uint32_t` by both factors being bound by `uint16_t`. This fixes the potential overflow before conversion to the bigger type.
@supervacuus supervacuus mentioned this pull request Oct 28, 2024
Merged
supervacuus added a commit that referenced this pull request Oct 28, 2024
@supervacuus
fix: remove a potential overflow before conversion (#1062)
a0663a6 
* fix: remove a potential overflow before conversion

This is in response to CodeQL security scan alert #1-#3.

`Elf[32|64]_Ehdr[.e_phnum|.e_phentsize|.e_shnum|.e_shentsize]` are all `uint16_t`, this means the loop-var `i` is bounded by `uint16_t` and should fit in a `uint32_t` (to prevent unsigned overflow in the loop). A switch to unsigned still makes sense, because we reduce the future chance of unnecessary signed overflow (=UB) in the loop body.

All program/section-header table entry sizes are cast to `uin64_t` even though the multiplication is bound to `uint32_t` by both factors being bound by `uint16_t`. This fixes the potential overflow before conversion to the bigger type.

* also safely cast the access to section header string table.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mitsuhiko mitsuhiko mitsuhiko approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bruno-garcia @mitsuhiko