07/05/2026 16:59, Bruce Richardson: > Using AI tools to review the cmdline and cfgfile libraries throws up a > couple of places in the libraries where additional hardening could help > prevent future issues. A number of these are purely defensive, e.g. > adding NULL checks to input parameters where a well-behaved app should > never call the function with a NULL value, and so those are not > explicitly marked for backport. > > Bruce Richardson (6): > cfgfile: add null checks to public APIs > cfgfile: prevent issues with overflow on resize > cmdline: harden parser result buffer handling > cmdline: add explicit help function for bool type > cmdline: guard zero-size destination buffers > cmdline: add null checks for invalid input
Applied, thanks.
