[MemCpyOpt] Fix incorrect size check in memmove of memset opt (#206451)
We were only checking that the memset is at least as large as the
memmove size, but not accounting for the fact that the memmove occurs at
an offset.
firewall: skip alias on rules GUI reload
Also align the alias load path in the controller with
how !skip_alias serializes the sequence after rules
reload inside filter_configure_sync().
(cherry picked from commit a3091013d724f19e5fc2767a12de811da606e935)
(cherry picked from commit 5c1d8575a7d87dd717963506b510d144e6fcd63a)
[Dexter] Add !address node (#202801)
Adds a node type for Dexter that allows checking abstract labels instead
of concrete addresses. Each address node has a label and optional
offset, and the first time during evaluation that a given address label
is matched against a valid pointer value, the address label will be
assigned a value that matches the seen address (adjusting for any
offset). From that point, the resolved address value will be used for
the remainder of the test evaluation.
NAS-141580 / 27.0.0-BETA.1 / Convert SNMP plugin to the typesafe pattern (#19219)
## Context
Migrate the `snmp` plugin to the typesafe pattern: a lean
`SystemServiceService[SNMPEntry]` delegating to an `SNMPServicePart`,
with Pydantic API models, `check_annotations=True`, and
`config`/`do_update` returning typed models instead of dicts.
## Solution
- Split the single `snmp.py` into a `snmp/` package: a lean
`__init__.py` (service class + port delegate) and `config.py` (the
service part holding the SQLAlchemy model, the model-based `do_update`,
the v3 user lifecycle, and the defaults helper). `get_snmp_users` stays
a `@private` method because the integration tests invoke it over the
wire; the unused `_is_snmp_running` was dropped.
- Decouple the legacy `@single_argument_args` model into `SNMPEntry` /
`SNMPUpdate` / `SNMPUpdateArgs` / `SNMPUpdateResult` in `api/v27_0_0`.
The `v3_password` / `v3_privpassphrase` secrets are read via
`get_secret_value()` and persisted with the `expose_secrets` dump
[8 lines not shown]
Diagnose noreturn calls from a const or pure function (#206134)
The const and pure functions add the WillReturn LLVM IR attribute which
requires the function to return. Calling a noreturn function is UB, so it
is now being diagnosed unless the call is known to be unevaluated.
This diagnostic is enabled by default.
Fixes #129022
Line and digit directives, OriginalFileName, ModuleName should be unevaluated strings (#201413)
Based on
https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2023/p2361r6.pdf,
line and digit directives should be unevaluated strings. This patch
changes the HandleLineDirective and HandleDigitDirective to parse
strings as unevaluated string literals and fixes the testcase to not
have escape sequences.
GraphicsMagick p5-GraphicsMagick: updated to 1.3.47
1.3.47
Security Fixes:
DPX: Fix subsampling validation logic which was failing due to incorrect logic. This avoids a divide by zero possibility.
JNG writer: Properly handle and report the case where ImageToBlob() returns NULL.
MNG writer: Enforce that MNG only supports a color palette up to 256 colors (ImageMagick CVE-2026-28690).
MagickXImageWindowCommand(): Assure that static buffer does not overflow if the user keeps a numeric key depressed (ImageMagick CVE-2026-33535).
PCD: Prevent an out of bounds read (ImageMagick security advisory GHSA-wrhr-rf8j-r842).
PNG writer: Detect and report an excessively large profile, and other unexpected conditions (ImageMagick CVE-2026-30883).
RenderFreetype(): Use MagickConfirmAccess() to verify that font file name is allowed to be read.
TIFF EXIF IFD writer: Detect and prevent infinite looping (EXIF IFD writer code may be excluded by the -DEXPERIMENTAL_EXIF_TAGS=0 define).
TIFF EXIF IFD writer: Only transfer tags from EXIF and GPS IFDs. Do not transfer tags from the main IFDs.
YUV: Fix validation of 'sampling-factor' argument. (ImageMagick CVE-2026-25799). Given that the argument normally comes from a user (rather than an input file) this seems to be a minor security issue at most.
PS, PS2, PS3: Enforce that width and height dimensions, and total pixels, to/from Ghostscript are within the same limits as specified for GraphicsMagick. This helps avoid Ghostscript-based denial of service opportunities.
SVG: Add validations for element id syntax. Reject invalid attribute values which contain single quotes.
XCF: Report an error if there are no layers. Fix two unsigned integer overflow cases.
[53 lines not shown]
[clang][bytecode] Fix an assertion failure in dynamic_cast handling (#206447)
If `Ptr` is already a root pointer, the `getBase()` call ran into an
assertion. Fix this by moving the check to the start of the loop.