Skip to content

For 24.3

Dmitry Rodionov requested to merge dkr/for-24.3 into 24.3

Summary

  • test: add cfg(test) condition for danger_accept_invalid_certs on reqwest client

  • test: add tls gostech tests

  • build: move actix to dev-deps, avoid rusttls in reqwest

Actix is not it brings vendored C dependencies which certification doesnt like. Because of the same reason swith away from rustls

  • chore: fix whitespace error in alter patch

  • fix: missing_ok is unsupported in old python (for alt linux)

  • chore: fix deref of null

Return value of a function 'space_cache_find' is dereferenced at trigger.c:427 without checking for NULL, but it is usually checked for this function (32/34).

  • chore: fix division by zero

Expression 'ub', used as divisor at lj_vmmath.c:69, may have a zero value when variable 'b' has value '0'. Check at lj_vmmath.c:68 does not prevent this error.

  • chore: fix buffer underflow

An element of array 'nc->stack' is accessed by an index with possible negative value -2 at lj_opt_narrow.c:395. This may lead to a buffer underflow. Index variable is assigned the value lj_opt_narrow.c:395.

There were another similar warning on the same line. Both should be fixed.

  • chore: fix deref of null warning

Return value of a function 'lj_tab_getinth' is dereferenced at lj_ccallback.c:540 without checking for NULL, but it is usually checked for this function (14/15).

  • chore: fix integer overflow warning

Possible integer overflow: right operand is tainted. An integer overflow may occur due to arithmetic operation (multiplication) between value '24' and variable 'sym_cnt', where the value comes from 'sizeof(Elf64_Sym)' and when 'sym_cnt' is tainted { [1, 18446744073709551615] }

  • chore: fix unchecked func res warning

Warning: Return value of function 'json_lexer_next_token', called at key_def.c:222, is not checked, but it is usually checked for this function (12/13).

  • chore: fix deref after null warning

Warning: After having been compared to a NULL value at lemon.c:1880, pointer 'argv' is dereferenced at lemon.c:1881 by calling function 'strlen'.

  • fix: make sure not to return -1 without diag (use panic for assert instead)
  • Close #278
  • Cherry-pick to: none / 24.2 / 24.3
  • Docs follow-up: not necessary / new issue
Edited by Dmitry Rodionov

Merge request reports