| 16 Jan 2026 |
Fabián Heredia | * Got the CVE/Advisory/Bulletin? | 22:31:35 |
emily | for an integer overflow issue in a memory allocation function? no | 22:31:59 |
emily | anything letting untrusted parties pass huge values there is doomed already | 22:32:15 |
emily | https://matrix.to/#/!ZRgXNaHrdpGqwUnGnj:nixos.org/$_nFYUuPwe8sGpb2iv1WyH1FKc7L_JM6CRRCF9fhPlKg?via=nixos.org&via=matrix.org&via=nixos.dev | 22:32:30 |
emily | also, this involves allocating an object whose size can't fit in ptrdiff_t? | 22:33:28 |
emily | that's UB in both LLVM and GCC | 22:33:34 |
emily | so a security bug in any code that allows user input to trigger it both before and after remediation | 22:33:56 |
emily | or well, maybe the alignment part makes it subtler here | 22:34:40 |
emily | giving untrusted input control over alignment is pretty wild already though. unless I'm missing something this feels like nothing | 22:35:14 |
Fabián Heredia | There are two; that is the first one, and the second one is a stack leak to a DNS resolver | 22:37:35 |
emily | ah ok I missed that one | 22:37:49 |