libsmbios icon indicating copy to clipboard operation
libsmbios copied to clipboard
verified publisher icon dell

Cleanups requested from Ubuntu security review

Open superm1 opened this issue 7 years ago • 0 comments

Some of these aren't applicable since C++ API was dropped, but they should all be reviewed and decisions made. Removing the factories may be problematic as they're used in other consumers of libsmbios (such as fwupd).

These came from: https://bugs.launchpad.net/ubuntu/+source/libsmbios/+bug/1603072/comments/14

  • [ ] compile with UBSAN and make sure it's clean
  • [ ] compile with ASAN and make sure it's clean
  • [ ] fix the readByteArray() / writeByteArray() to work on more than one byte at a time
  • [ ] replace auto_ptr with the correct replacements at each use
  • [ ] remove the factories altogether
  • [ ] refactor copy_mmap() / trycopy() / remap()
  • [ ] try afl-fuzz on the different tools

superm1 avatar Mar 26 '18 06:03 superm1