mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 17:59:59 +00:00
wangmy
e9b63bece7
* The new security fix in 6.4.20 for CVE-2021-36386 caused truncation of messages logged to buffered outputs, predominantly --logfile. This also caused lines in the logfile to run into one another because the fragment containing the '\n' line-end character was usually lost. Reason is that on all modern systems (with <stdarg.h> header and vsnprintf() interface), the length of log message fragments was added up twice, so that these ended too deep into a freshly allocated buffer, after the '\0' byte. Unbuffered outputs flushed the fragments right away, which masked the bug. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>