fluent-bit icon indicating copy to clipboard operation
fluent-bit copied to clipboard

Published 20 hours ago verified publisher icon fluent

[core]: fix double free vulnerability

Open yinluming13579 opened this issue 1 year ago • 9 comments

Fixing the double-free defect. Refer to the defect information at: https://github.com/LuMingYinDetect/fluent-bit_defects/blob/main/fluent-bit_detect_2.md

yinluming13579 avatar Feb 29 '24 00:02 yinluming13579

Hmmm. I think it's okey to merge after https://github.com/fluent/fluent-bit/pull/8534/commits/313c570b0ac8670400ecf7a82adea9ef0311b582 :)

Before these four commits. if file = flb_malloc(sizeof(struct local_file)); failed. then buf will be double free

wanghaEMQ avatar Mar 21 '24 10:03 wanghaEMQ

Can you fix up the DCO and commit message/PR title to match contribution guidelines?

patrick-stephens avatar Mar 21 '24 10:03 patrick-stephens

Can you fix up the DCO and commit message/PR title to match contribution guidelines?

Hello! This is my first time submitting a PR, and I'm not quite sure how to sign the DCO agreement you mentioned. Could you please tell me where I should sign?

LuMingYinDetect avatar Mar 21 '24 10:03 LuMingYinDetect

Click the link in the failing checks section and it will tell you what to do: https://github.com/fluent/fluent-bit/pull/8534/checks?check_run_id=22128440459

It's a requirement for most/all OSS contribution.

patrick-stephens avatar Mar 21 '24 10:03 patrick-stephens

Click the link in the failing checks section and it will tell you what to do: https://github.com/fluent/fluent-bit/pull/8534/checks?check_run_id=22128440459

It's a requirement for most/all OSS contribution.

Hello! I have already signed the DCO agreement.

LuMingYinDetect avatar Mar 21 '24 11:03 LuMingYinDetect

Yeah but the commits and PR title are still off. You need to use [function]: message format.

Please check the contribution guidelines.

patrick-stephens avatar Mar 21 '24 11:03 patrick-stephens

Yeah but the commits and PR title are still off. You need to use [function]: message format.

Please check the contribution guidelines.

Thank you for your patient guidance! I see that you have helped me modify the title, and this submission is a valuable experience for me!

LuMingYinDetect avatar Mar 21 '24 11:03 LuMingYinDetect

No worries, please update the individual commit messages themselves as well.

patrick-stephens avatar Mar 21 '24 12:03 patrick-stephens

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] avatar Jun 27 '24 01:06 github-actions[bot]

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] avatar Dec 14 '24 02:12 github-actions[bot]

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] avatar Sep 06 '25 02:09 github-actions[bot]