1. 26 Jun, 2018 1 commit
    • Brad King's avatar
      ListFileLexer: Do not match null bytes in input · b29842a8
      Brad King authored
      Extend the fix from commit v3.10.0-rc1~188^2 (ListFileLexer: fix
      heap-buffer-overflow on malicious input, 2017-08-26) to apply to all
      lexer token matches.  Replace all `.` with `[^\0\n]`.  Update all
      `[^...]` match expressions to not match `\0`.
      
      We cannot safely process null bytes in strings.
      
      Fixes: #18124
      b29842a8
  2. 13 Jun, 2018 3 commits
  3. 12 Jun, 2018 7 commits
  4. 08 Jun, 2018 4 commits
  5. 07 Jun, 2018 2 commits
  6. 05 Jun, 2018 12 commits
  7. 04 Jun, 2018 11 commits