here's the code in Microchip's xc8 avr compiler, which is actually just modified avr-gcc and thus covered by GPL and open source (they squirrel this away pretty well) that yells at you to pay them for features an open source development community built them for free

-DSKIP_LICENSE_MANAGER=1 and rebuild it from source



alternatively, here's how to use your system avr-gcc with Microchip's provided device support packages

· · Web · 1 · 0 · 0


looking at their code, there is DEFINITELY a race condition in the way they call their license manager. It is checksum validated by path, THEN called by path

I bet this vuln exists in their closed-source compilers too

Sign in to participate in the conversation

This is a brand new server run by the main developers of the project as a spin-off of 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!