mirror of
https://github.com/bitcoin/bitcoin.git
synced 2026-03-17 17:02:43 +00:00
Merge bitcoin/bitcoin#34825: depends: capnp 1.4.0
bde35d61f930a7cd2011aeb9f5443f3188484e80 depends: capnp 1.4.0 (fanquake)

Pull request description:

Update capnp in depends to [`1.4.0`](https://github.com/capnproto/capnproto/releases/tag/v1.4.0). It contains a number of bugfixes, and fixes for 2 CVEs, of which I think only `Fix benign(?) buffer overrun in async readMessage()` is relevant to us, and it seems to be considered benign:

> This is technically undefined behavior (a buffer overrun), but we suspect that it is benign with all known memory allocators. In C++, a zero-sized allocation (made with `operator new(0)`, as is the case here) is required to return a unique pointer, different from any other such allocation. Because of this, all common memory allocators round up a zero-byte allocation to a word-sized allocation (32-bit or 64-bit, depending on the architecture). The overrun written to this allocation was exactly one pointer in size, so always fits into the actual allocation space.
>
> Nevertheless, the code is in fact relying on undefined behavior, and it is theoretically possible that some memory allocator implements zero-sized allocations in a way that would make this overrun dangerous.

See https://github.com/capnproto/capnproto/compare/release-1.3.0...release-1.4.0 for all changes since 1.3.0.

ACKs for top commit:

sedited: ACK bde35d61f930a7cd2011aeb9f5443f3188484e80

janb84: ACK bde35d61f930a7cd2011aeb9f5443f3188484e80

hebasto: ACK bde35d61f930a7cd2011aeb9f5443f3188484e80.

Tree-SHA512: 33a6c12684b9a6046a38c3b9dd1a5730db352eae07b5dbfe7244228fde3d1627d039c0e0ba7d35fe0968f91a0f476c239fa8f2e356a37b8ac975ac268d271bc2
commit 52e8c1ce32
@ -1,9 +1,9 @@
package=native_capnp
$(package)_version=1.3.0
$(package)_version=1.4.0
$(package)_download_path=https://capnproto.org/
$(package)_download_file=capnproto-c++-$($(package)_version).tar.gz
$(package)_file_name=capnproto-cxx-$($(package)_version).tar.gz
$(package)_sha256_hash=098f824a495a1a837d56ae17e07b3f721ac86f8dbaf58896a389923458522108
$(package)_sha256_hash=fa02378ad522b318916b9ad928d1372fc9abd43dd1f4f0392e50450f5c87828f
define $(package)_set_vars
$(package)_config_opts := -DBUILD_TESTING=OFF
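Review bot: The changed `$(package)_sha256_hash` line is the only integrity pin for the tarball fetched from `$(package)_download_path=https://capnproto.org/`, and neither the hunk nor the description records how the new value was obtained. Please note in the description where the hash came from, and have each ACK rest on independently downloading `capnproto-c++-1.4.0.tar.gz`, hashing it, and comparing against the value on that line, ideally cross-checked against the upstream v1.4.0 release linked in the description. Separately, the description says the release fixes 2 CVEs but names only the `readMessage()` one; naming the other and stating briefly why it does not apply here would let the relevance assessment be checked later.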