| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2013-07-13 | common: Implement stpcpy() replacement for systems lacking it |  Martin Szulecki | 2 | -0/+26 | |
| 2013-07-02 | Bug #331 - Don't create a /tmp/root directory insecurely |  Federico Mena Quintero | 1 | -29/+76 | |
| When finding the user's home directory to generate a subdirectory in $HOME/.config, we would fall back to /tmp if there were no environment variables for HOME or XDG_CONFIG_HOME. Since libimobiledevice gets used by upower, and since upowerd runs as root, this would cause a /tmp/root directory to be created insecurely, leaving upowerd vulnerable to a symlink attack. Now we fall back to getpwuid_r() to find the user's home directory if it is not provided in environment variables - this is the case when upowerd gets run via systemd, for example. The result is that we'll end up creating /root/.config, a safe directory, since regular users cannot create symlinks in /root. In the future we'll need a way for libimobiledevice to find where to store its pairing data on behalf of the console user, rather than writing it to /root. http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use | |||||
| 2013-07-02 | common: Add utils.[ch] with a string_concat() function | Federico Mena Quintero | 3 | -1/+114 | |
| Instead of doing malloc() and repeated strcat(), which is an O(n^2) way to concatenate multiple strings, we define a single O(total_len) function that uses stpcpy(). This will also make the rest of the code more legible and safer. | |||||
| 2013-05-23 | Silence compiler warnings for win32 builds | Martin Szulecki | 2 | -1/+3 | |
| 2013-04-25 | common: Move debug and userpref code into libinternalcommon | Martin Szulecki | 5 | -1/+1465 | |
| 2013-03-20 | move thread and socket code to "common" subdir |  Nikias Bassen | 5 | -0/+600 | |
 |
index : libimobiledevice | |
| A cross-platform protocol library to access iOS devices | ms |
| summaryrefslogtreecommitdiffstats |