wasm-micro-runtime

gnh1201/wasm-micro-runtime

Fork 0

mirror of https://github.com/bytecodealliance/wasm-micro-runtime.git synced 2025-03-12 00:45:28 +00:00

Commit Graph

Author	SHA1	Message	Date
TrellixVulnTeam	7ad3412591	Adding tarfile member sanitization to extractall() (#1709 ) Fix a widespread bug named CVE-2007-4559, which is a 15 year old bug in the Python tarfile package. By using extract() or extractall() on a tarfile object without sanitizing input, a maliciously crafted .tar file could perform a directory path traversal attack. This patch essentially checks to see if all tarfile members will be extracted safely and throws an exception otherwise.	2022-11-17 11:52:30 +08:00
Wenyong Huang	7be0d385a6	Implement SIMD latest opcodes and update LLVM to 13.0 (#758 ) Implement the latest SIMD opcodes and update LLVM 13.0, update the llvm build scripts, update the sample workloads‘ build scripts, and build customized wasi-sdk to build some workloads. Also refine the CI rules. Signed-off-by: Wenyong Huang <wenyong.huang@intel.com>	2021-09-17 19:12:57 +08:00

Author

SHA1

Message

Date

TrellixVulnTeam

7ad3412591

Adding tarfile member sanitization to extractall() (#1709 )

Fix a widespread bug named CVE-2007-4559, which is a 15 year old bug
in the Python tarfile package. By using extract() or extractall() on a tarfile
object without sanitizing input, a maliciously crafted .tar file could
perform a directory path traversal attack. This patch essentially checks to
see if all tarfile members will be extracted safely and throws an exception
otherwise.

2022-11-17 11:52:30 +08:00

Wenyong Huang

7be0d385a6

Implement SIMD latest opcodes and update LLVM to 13.0 (#758 )

Implement the latest SIMD opcodes and update LLVM 13.0,
update the llvm build scripts, update the sample workloads‘ build scripts,
and build customized wasi-sdk to build some workloads.
Also refine the CI rules.

Signed-off-by: Wenyong Huang <wenyong.huang@intel.com>

2021-09-17 19:12:57 +08:00

2 Commits