Comment 2 for bug 1647467
Revision history for this message
| Julian Andres Klode (juliank) wrote Re: Security issue in InRelease file verification | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
The bug was that the return value of getline() was checked for EOF - but getline() also returns on out-of-memory conditions which are thus treated as a end of file.
The attached patch should fix that, but further testing is warranted. If this fix is correct, I'd like to push for a co-ordinated update soon, possibly tomorrow.