christian-rauch
commented
1 year ago Can you squash your commits together?
Closed karina-ranadive closed 11 months ago
christian-rauch
commented
1 year ago Can you squash your commits together?
karina-ranadive
commented
1 year ago Just squashed the commits, thanks!
On Thu, Jul 20, 2023 at 2:53 PM Christian Rauch @.***> wrote:
Can you squash your commits together?
— Reply to this email directly, view it on GitHub https://github.com/AprilRobotics/apriltag/pull/286#issuecomment-1644431860, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASPTGN5WQEVIRNCET6SE4D3XRF5BZANCNFSM6AAAAAA2QXF2JU . You are receiving this because you authored the thread.Message ID: @.***>
In getopt.c, the variable pos was of type int and this comparison to the len variable, which is of type size_t, presents a security vulnerability for my team's utilization of this repository as pos is of a different type than len. I changed the pos variable to be of type size_t to enable pos and len to be consistently compared in the for loop where "pos < len". Similarly, in string_util.c, pos and haystack_len are compared as inconsistent types so to address this security vulnerability, I changed pos to be of type size_t. In pam.c, I changed idx to be of type size_t to address the same security vulnerability as for the files above.