/me notes that we have the same exact bug in the xz code (this is on zstd, not
xz as the commit says) #1478 and sighs.
We have three places that do this kind of parsing, we should only have one. Any
takers? :innocent:
--
You are receiving this because you are subscribed to this thread.
Reply
Nice catch!
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1509#issuecomment-762702723___
Rpm-maint mailing list
Rpm-maint@lists
Merged #1509 into master.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1509#event-4221436905___
Rpm-maint mailing list
Rpm-mai
@Conan-Kudo approved this pull request.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1509#pullrequestreview-570750625___
R
The read happened if there was no number after the 'T' option.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1509
-- Commit Summary --
* Fix out of bounds read when parsing the xz thread number
-- File Changes --
M r
