[Haskell-cafe] base64-bytestring memory corruption bug
hecate at glitchbra.in
Tue Aug 3 20:44:27 UTC 2021
Wonderful, happy to know it's been resolved!
Le 03/08/2021 à 05:40, Fraser Tweedale a écrit :
> A new proposed fix is being discussed in
> Expect a fix merged and new release sometime in the next few days.
> Big thanks to all involved in pinpointing and resolving this issue.
> On Mon, Aug 02, 2021 at 11:52:52PM +0200, Hécate wrote:
>> Hi Fraser, do you have further information about this situation?
>> Le 25/07/2021 à 07:50, Fraser Tweedale a écrit :
>>> I want to bring to wider attention a memory bug present in
>>> base64-bytestring. In summary, in some cases too few bytes are
>>> allocated for the output when performing base64url decoding. This
>>> can lead to memory corruption (which I have observed), and
>>> possibly crashes (which I have not observed).
>>> I submitted a pull request that fixes the issue some days ago,
>>> but did not receive a response from the maintainers yet. I
>>> understand that maintainers may be busy or unavailable, and that is
>>> fine. So I am posting here mainly to ensure that USERS are aware of
>>> the issue.
>>> To maintainers: let me know if I can provider further assistance to
>>> resolve this issue and release a fix.
>>>  https://github.com/haskell/base64-bytestring/issues/44
>>>  https://github.com/frasertweedale/hs-jose/issues/102
>>>  https://github.com/haskell/base64-bytestring/pull/45
>>> Haskell-Cafe mailing list
>>> To (un)subscribe, modify options or view archives go to:
>>> Only members subscribed via the mailman list are allowed to post.
>> Hécate ✨
>> 🐦: @TechnoEmpress
>> IRC: Hecate
>> WWW: https://glitchbra.in
>> RUN: BSD
>> Haskell-Cafe mailing list
>> To (un)subscribe, modify options or view archives go to:
>> Only members subscribed via the mailman list are allowed to post.
More information about the Haskell-Cafe