| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
false positive reported by cppcheck.
Notes:
svn path=/stable/9/; revision=320583
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In r300388, endnetconfig() was called on nc_handle which would release
the associated netconfig structure, which means tmpnconf->nc_netid
would be a use-after-free.
Solve this by doing endnetconfig() in return paths instead.
Reported by: jemalloc via kevlo
Reviewed by: cem, ngie (earlier version)
Notes:
svn path=/stable/9/; revision=320326
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Properly sign extend the result of jrand48() and mrand48().
These functions are supposed to return a value between [-2^31, 2^31).
This doesn't seem to work on 64-bit systems, where we return a value
between [0, 3^32). Patch up the function to use proper casts to int32_t.
While there, fix some other style bugs.
Notes:
svn path=/stable/9/; revision=310321
|
| |
|
|
|
|
|
|
| |
PR: 215105
Submitted by: <jtd2004a sbcglobal.net>
Notes:
svn path=/stable/9/; revision=309691
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix possible buffer overflow(s) in link_ntoa(3).
A specially crafted sockaddr_dl argument can trigger a static buffer overflow
in the libc library, with possibility to rewrite with arbitrary data following
static buffers that belong to other library functions.
Reviewed by: kib
Security: FreeBSD-SA-16:37.libc
Notes:
svn path=/stable/9/; revision=309646
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Microoptimize %p case.
2) Implememt %u for GNU compatibility.
3) Don't forget to advance buf for %w/%u.
4) Fail with incomplete week (week 0) request and no such week in the
year.
5) Fix yday formula when Sunday requested and the week started from Monday.
6) Fail with impossible yday for incomplete week (week 0) and direct %w/%u
request.
7) Shift yday/wday to the first day of the year, if incomplete week
(week 0) requested and no %w/%u used.
8) For already non-standard %z extension implement GNU compatible formats:
+hh and -hh.
9) Check for incorrect values for %z.
PR: 212983 (case 3 only)
Notes:
svn path=/stable/9/; revision=306416
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1) Fix the case we have less arguments for format string than we expected.
2) Return error on unsupported format specs.
(both according to POSIX)
3) For %Z format, understand "UTC" name too.
PR: 93197 (only r272679)
Notes:
svn path=/stable/9/; revision=306326
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFstable/11 r304945:
MFC r304034:
Initialize `ai` to NULL and test for `ai` with type-appropriate values
Depending on the address family and ai_flags containing AI_V4MAPPED,
it might not do a proper DNS lookup on the provided DNS address
Convert some `ai` boolean true/false checks to NULL/non-NULL while here.
PR: 211790
Notes:
svn path=/stable/9/; revision=304990
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Avoid double use of "request" in a single sentence. Instead, describe
aio_sigevent as being used to request notification of the associated
operation's completion. This matches the language used to describe
aio_sigevent in aio(4).
- Simplify the prohibition on modifying buffers while requests are in
flight.
- Fix case mismatch.
- Drop note about not using stack variables. C programmers should be able
to figure out if a stack variable is safe based on the later warning
about the life cycle requirements of control blocks.
- Remove prohibition on modifying the I/O buffer for aio_fsync() since
it does not use an I/O buffer. For aio_mlock(), prohibit modifications
to the mapping (e.g. due to mprotect, munmap, mmap, etc.) but do not
prohibit modifications to the memory backing the buffer (stores into
the pages backing the buffer).
Notes:
svn path=/stable/9/; revision=304617
|
| |
|
|
|
|
|
| |
Fix an infinite loop in setnetgrent(3) with NIS netgroups.
Notes:
svn path=/stable/9/; revision=303681
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Add a sigevent(3) manpage to give a general overview of the sigevent
structure and the available notification mechanisms.
- Document that AIO requests contain a nested sigevent structure that can
be used to request completion notification.
- Expand the sigevent details in other manuals to note details such as
the extra values stored in a queued signal's information or in a posted
kevent.
Notes:
svn path=/stable/9/; revision=303325
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r301708:
Revert r301707
getnetent_p doesn't return NULL like getnetent does. coccinelle got confused and
I didn't verify that it worked before committing the change
Pointyhat to: ngie
Notes:
svn path=/stable/9/; revision=302445
|
| |
|
|
|
|
|
|
|
|
|
|
| |
MFC r301707:
Use NULL instead of `0` in _ht_getnetbyname(..)
- getnetent returns NULL on completion/error.
- .h_aliases is NULL terminated.
Notes:
svn path=/stable/9/; revision=302443
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libc: regexec(3) adjustment.
Change the behavior of when REG_STARTEND is combined with REG_NOTBOL.
From the original posting[1]:
"Enable the assumption that pmatch[0].rm_so is a continuation offset
to a string and allows us to do a proper assessment of the character
in regards to it's word position ('^' or '\<'), without risking going
into unallocated memory."
This change makes us similar to how glibc handles REG_STARTEND |
REG_NOTBOL, and is closely related to a soon-to-land fix to sed.
Special thanks to Martijn van Duren and Ingo Schwarze for working
out some consistent behaviour.
Differential Revision: https://reviews.freebsd.org/D6257
Taken from: openbsd-tech 2016-05-24 [1] (Martijn van Duren)
Notes:
svn path=/stable/9/; revision=302169
|
| |
|
|
|
|
|
|
|
| |
MFC r301704:
Test for strchr(3) returning NULL, not 0
Notes:
svn path=/stable/9/; revision=301821
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r300624:
Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.
Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced
CID: 1356026
Notes:
svn path=/stable/9/; revision=301688
|
| |
|
|
|
|
|
|
|
| |
MFC r300385:
Don't leak `tmp` if `p->nc_lookups` can't be malloced
Notes:
svn path=/stable/9/; revision=301686
|
| |
|
|
|
|
|
|
|
|
|
|
| |
MFC r300386:
Don't leak `handle` if svc_tp_create(..) succeeds and allocating a new
struct xlist object fails
CID: 978277
Notes:
svn path=/stable/9/; revision=301685
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r300387,r300388,r300389:
r300387:
getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable
r300388:
Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL
This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.
CID: 978179
r300389:
nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accomodate an additional "\n",
it would leak resultbuf by breaking from the loop early
CID: 1016702
Notes:
svn path=/stable/9/; revision=301630
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libc/regex: fix two buffer underruns.
Fix some rather complex regex issues found on OpenBSD as part of some
ongoing work to fix a sed(1) bug.
Curiously the OpenBSD tests don't trigger segfaults on FreeBSD but the
bugs were confirmed by running a port of FreeBSD's regex under OpenBSD's
malloc. Huge thanks to Ingo for confirming the behavior.
Obtained from: OpenBSD (CVS 1.20, 1.21)
Notes:
svn path=/stable/9/; revision=300964
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
regex: prevent two improbable signed integer overflows.
In matcher() we used an integer to index nsub of type size_t.
In print() we used an integer to index nstates of type sopno,
typedef'd long.
In both cases the indexes never take negative values.
Match the types to avoid any error.
Notes:
svn path=/stable/9/; revision=298727
|
| |
|
|
|
|
|
|
|
|
| |
MFC r298303:
Remove trailing whitespace and use `nitems(mib)` instead of `2` when
calling sysctl(3)
Notes:
svn path=/stable/9/; revision=298489
|
| |
|
|
|
|
|
|
|
|
|
| |
rpc: fix failure to clear string by passing the wrong size to memset.
Noted by NetBSD's PR/21014
Obtained from: NetBSD (CVS Rev. 1.24, 1.25)
Notes:
svn path=/stable/9/; revision=297320
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tdelete(3): don't delete the node we are about to return.
The original change, from NetBSD, was bogus; introduced a memory
leak and and broke POSIX. By reverting we actually match NetBSD's
latest revision.
This is a revert of the original merge: this function was rewritten
in 11-current.
Reported by: Markiyan Kushnir
Obtained from: NetBSD (CVS rev. 1.7, 1.8)
Notes:
svn path=/stable/9/; revision=294763
|
| |
|
|
|
|
|
|
|
|
|
|
| |
PR: 203440 (based on)
Submitted by: ceratv@rpi.edu
Approved by: wblock@ (mentor)
Differential Revision: https://reviews.freebsd.org/D3813
- address grammar
Notes:
svn path=/stable/9/; revision=294746
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid reading pass the end of the source buffer when it is not NUL
terminated.
If this buffer is adjacent to an unmapped page or a version of C with
bounds checked is used this may result in a crash.
PR: 206178
Submitted by: Alexander Cherepanov <cherepan@mccme.ru>
Notes:
svn path=/stable/9/; revision=294457
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid reading pass the end of the source buffer when it is not NUL
terminated.
If this buffer is adjacent to an unmapped page or a version of C with
bounds checked is used this may result in a crash.
PR: 206177
Submitted by: Alexander Cherepanov <cherepan@mccme.ru>
Notes:
svn path=/stable/9/; revision=294456
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r293715:
Fix a mismerge from NetBSD in r162194 with `xdr_rpcb_entry_list_ptr(..)`
This fixes the potential NULL pointer dereference properly, and also fixes
memory leaks encountered in the process of iterating through `*rp`.
Found by: Valgrind
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Notes:
svn path=/stable/9/; revision=294301
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r293705:
Similar to r293704, fix theoretical leak of netconfig(3) resources in
__rpcbind_is_up(..) if getnetconfig(3) is partly successful in allocating
resources, but not completely successful by moving the endnetconfig(3) call
up before we return from the function if nconf == NULL.
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Notes:
svn path=/stable/9/; revision=294242
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r293704:
Fix theoretical leak of netconfig(3) resources in svcunix_create(..)
In the event that the getconfig(3) call in svcunix_create is partly successful,
some of the netconfig(3) resources allocated might be leaked if the call returns
NULL as endnetconfig(3) wasn't called explicitly in that case. Ensure that the
resources are fully cleaned up by going to the `done` label, which will call
endnetconfig(3) for us.
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Notes:
svn path=/stable/9/; revision=294241
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a NIS server has long entries on its database that is bigger than
1024 specified on YPMAXRECORD the ypmatch can get in an infinite retry
loop when is requesting the information from the NIS server.
The ypmatch(1) will return an error until the command receives an
kill(1).
To avoid this problem, we check the MAX_RETRIES that is by default set
to 20 and avoid get in infinet loop at the client side.
Notes:
svn path=/stable/9/; revision=293804
|
| |
|
|
|
|
|
|
| |
Remove _gethostbynisname() and _gethostbynisaddr(). These functions
used to be called from getipnodebyname().
Notes:
svn path=/stable/9/; revision=293024
|
| |
|
|
|
|
|
|
| |
Simplify _map_v4v6_address().
We don't need to use a temporary buffer, here.
Notes:
svn path=/stable/9/; revision=292851
|
| |
|
|
|
|
|
| |
Use _map_v4v6_address().
Notes:
svn path=/stable/9/; revision=292827
|
| |
|
|
|
|
|
|
|
|
| |
If we end up following a CNAME chain that does not find
any data return that instead of internal error.
PR: 156684
Notes:
svn path=/stable/9/; revision=292825
|
| |
|
|
|
|
|
|
|
| |
addrinfo.ai_family is an address family, not a protocol family.
PR: 162434
Notes:
svn path=/stable/9/; revision=292761
|
| |
|
|
|
|
|
|
|
| |
Add AI_V4MAPPED and AI_ALL support for getaddrinfo(3).
PR: 198092
Notes:
svn path=/stable/9/; revision=292724
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r292153:
Add -static to CFLAGS to unbreak the tests by using a libc.a with
the xlocale private symbols exposed which aren't exposed publicly
via the DSO
PR: 191354
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292482
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
resolver: automatically reload /etc/resolv.conf
On each resolver query, use stat(2) to see if the modification time
of /etc/resolv.conf has changed. If so, reload the file and reinitialize
the resolver library. However, only call stat(2) if at least two seconds
have passed since the last call to stat(2), since calling it on every
query could kill performance.
This new behavior is enabled by default. Add a "reload-period" option
to disable it or change the period of the test.
Document this behavior and option in resolv.conf(5).
Polish the man page just enough to appease igor.
Relnotes: yes
Sponsored by: Dell Inc.
Notes:
svn path=/stable/9/; revision=292464
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
resolver: abuse _res a little less
In the past, _res was a global variable. Now, it's multiple function calls.
Several functions in the resolver use _res multiple times and therefore
call the function(s) far more than necessary.
Fix those callers to store the result of _res in a local variable.
Add __noinline to the definition of res_init() to avoid the code bloat
that these changes would have otherwise incurred. Thanks to jilles
for noticing this.
Sponsored by: Dell Inc.
Notes:
svn path=/stable/9/; revision=292463
|
| |
|
|
|
|
|
|
|
|
|
|
| |
RFC 3493 requires ignoring the loopback address for AI_ADDRCONFIG.
Since it breaks certain jail setup, we ignore just 127.0.0.1
instead of whole loopback address range.
PR: 192014
Reviewed by: hrs
Notes:
svn path=/stable/9/; revision=292457
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r292250:
Allow users override `DEBUG` on the command line via DEBUG_FLAGS="-DDEBUG" with
lib/libc/resolv by conditionalizing its definition
Reviewed by: ume, vangyzen
Differential Revision: https://reviews.freebsd.org/D4519
Notes:
svn path=/stable/9/; revision=292431
|
| |
|
|
|
|
|
|
|
|
|
| |
The calls to RES_SET_H_ERRNO() macro on error paths wind up
dereferencing an uninitialized res.
PR: 202142
Submitted by: Sean Boudreau
Notes:
svn path=/stable/9/; revision=292404
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r291837:
split.ih:
- Create automatically generated include header for split.c
main.c:
- Use function definitions from debug.ih and split.ih instead of externs
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292171
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r285140:
r285140 (by oshogbo):
Add fdclose(3) function.
This function is equivalent to fclose(3) function except that it
does not close the underlying file descriptor.
fdclose(3) is step forward to make FILE structure private.
Reviewed by: wblock, jilles, jhb, pjd
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D2697
Notes:
svn path=/stable/9/; revision=292154
|
| |
|
|
|
|
|
|
|
|
|
|
| |
MFC r292013:
Use stdint.h instead of inttypes.h as the latter pollutes namespace more
Submitted by: bde
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292151
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r291832,r291833,r291834,r291835,r291836,r291838:
r291832:
Fix -Wformat warnings by using the correct format qualifiers
Sponsored by: EMC / Isilon Storage Division
r291833:
- Use ANSI C function prototypes/definitions instead of K&R style ones
- Add a missing return type for main(..)
Sponsored by: EMC / Isilon Storage Division
r291834:
Add missing headers and sort #includes per style(9)
Sponsored by: EMC / Isilon Storage Division
r291835:
Use ANSI C function prototypes/definitions instead of K&R style ones
Sponsored by: EMC / Isilon Storage Division
r291836:
Use `==` instead of `=` in the function comment above split(..) so mkh -p
exposes split(..).
Sponsored by: EMC / Isilon Storage Division
r291838:
Fix -Wformat issues and minor whitespace issues in surrounding areas
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292145
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r292004:
Fix compilation when -DDEBUG is defined by adding inttypes.h #include
for intmax_t
Differential Revision: https://reviews.freebsd.org/D4434
Reported by: cppcheck
Reviewed by: jhb
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292141
|
| |
|
|
|
|
|
|
|
|
|
|
| |
MFC r291979:
Unbreak compiling getnetgrent.c with -DDEBUG after r236402 by adding a
missing "}"
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/stable/9/; revision=292139
|
| |
|
|
|
|
|
|
|
| |
MFC r291296:
Link localeconv(3) to localeconv_l(3)
Notes:
svn path=/stable/9/; revision=291878
|
