Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address security issues raised by SonarCloud #694

Closed
rdmark opened this issue Jan 21, 2024 · 1 comment · Fixed by #1513
Closed

Address security issues raised by SonarCloud #694

rdmark opened this issue Jan 21, 2024 · 1 comment · Fixed by #1513
Assignees
@rdmark
Milestone
release-4.0

Comments

@rdmark
Copy link
Member

rdmark commented Jan 21, 2024

Since we've made good progress on proactive deprecating and refactoring of the codebase, I think it's time to look at the potential security issues that static analysis has revealed.

GitHub has a handy dashboard here https://github.com/Netatalk/netatalk/security/code-scanning
@rdmark rdmark self-assigned this Mar 3, 2024
@rdmark rdmark added this to the release-4.0 milestone Jul 16, 2024
@rdmark rdmark removed their assignment Jul 23, 2024
@rdmark rdmark self-assigned this Sep 22, 2024
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
a2b07bb 
…flow, GitHub #694
@rdmark rdmark linked a pull request Sep 22, 2024 that will close this issue
cnid_dbd: Set explicit max length of db_params to prevent buffer overflow #1513
Merged
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
c2a19a6 
…flow, GitHub #694
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
be42164 
…flow, GitHub #694
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
de6c931 
…flow, GitHub #694
@rdmark
Copy link
Member Author

rdmark commented Sep 22, 2024

Out of the Sonar issues that GitHub has picked up on, the low hanging fruit has been addressed.

One in #1513 and one by updating the bundled bstrlib version in #1152

The remaining GitHub flagged issues are in two specific categories that will require some deeper analysis. Branched them off to these new tickets: #1518 and #1519

@rdmark rdmark closed this as completed Sep 22, 2024
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
2ec9a87 
…flow, GitHub #694
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
3639e41 
…flow, GitHub #694
rdmark added a commit that referenced this issue Sep 22, 2024
@rdmark
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
6be645f 
…flow, GitHub #694
wistmanswood pushed a commit to wistmanswood/netatalk that referenced this issue Dec 28, 2024
@rdmark @wistmanswood
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
50df633 
…flow, GitHub Netatalk#694
wistmanswood pushed a commit to wistmanswood/netatalk that referenced this issue Dec 28, 2024
@rdmark @wistmanswood
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
a49f1ec 
…flow, GitHub Netatalk#694
wistmanswood pushed a commit to wistmanswood/netatalk that referenced this issue Jan 6, 2025
@rdmark @wistmanswood
cnid_dbd: Set explicit max length of db_params to prevent buffer over…
d50782b 
…flow, GitHub Netatalk#694
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rdmark rdmark

Labels
None yet
Projects
None yet
Milestone
release-4.0
Development

Successfully merging a pull request may close this issue.

cnid_dbd: Set explicit max length of db_params to prevent buffer overflow Netatalk/netatalk
1 participant
@rdmark