src/lib/libc/net, branch main

src/lib/libc/net, branch main FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=main 2026-02-12T07:56:42Z lib/libc/net/sockatmark.3: fix groff mdoc warning 2026-02-12T07:56:42Z Konstantin Belousov kib@FreeBSD.org 2026-02-12T07:56:42Z urn:sha1:10fde719587c22085c95759a242e9c51d249d024 PR: 293072 Sponsored by: The FreeBSD Foundation MFC after: 3 days libc: Don't use uninitialised string for getnetbyaddr[_r](0) DNS lookup 2026-01-27T21:44:39Z Jessica Clarke jrtc27@FreeBSD.org 2026-01-27T21:44:39Z urn:sha1:331316b073505e4794754af1cd0c5ccc578a2bde If net is all-zero, the loop to extract all leading non-zero octets will iterate zero times and leave nn with the value 4, which the following switch statement to initialise qbuf does not handle. As a result, _dns_getnetbyaddr will look up the PTR record for this uninitialised string, which will leak the pre-existing contents of that stack memory to the DNS resolver and, if remote and not otherwise protected, network. Note that _dns_getnetbyaddr is only used if nsswitch.conf is configured to enable the "dns" source for the "networks" database, which is not the default configuration in FreeBSD. For glibc this same bug, in code also derived from BIND's, was issued CVE-2026-0915. This commit adopts the same behaviour as glibc's fix, which is to regard a net of 0 as being for 0.0.0.0. Apparently NetBSD will return NS_UNAVAIL instead, which may or may not make more sense, but in general glibc compatibility tends to cause less friction when there's not a good reason to avoid it. Reviewed by: markj (secteam) Fixes: 1363f04ce1b8 ("get* rework and new bind code") MFC after: 1 day Security: Same bug as glibc's CVE-2026-0915 get*ent: be consistant about _ALIGN(p) - p 2025-12-10T10:57:34Z Brooks Davis brooks@FreeBSD.org 2025-12-10T10:57:34Z urn:sha1:ac79e2e025e03b7038e3abc886e34a03f5ec2934 Add an nscache specific inline function to calculate the misalignment rather than adding and subtracting _ALIGN(p) and p which can take the buffer far out of bound (undefined behavior in C and unsupported on CHERI). Reviewed by: kib Effort: CHERI upstreaming Obtained from: CheriBSD Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D53945 libc: preserve errno in gai_strerror() 2025-08-19T21:22:40Z Konstantin Belousov kib@FreeBSD.org 2025-08-19T03:05:37Z urn:sha1:f892e509c1a07f7116b9788a05e4ae99a06d54d0 PR: 288931 Reviewed by: emaste, glebius Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D52010 libc: some style in gai_strerror.c 2025-08-19T21:22:35Z Konstantin Belousov kib@FreeBSD.org 2025-08-19T03:00:11Z urn:sha1:bd4dd5d951ea022b478c455c3eabb2a1b8cc4936 Reviewed by: emaste, glebius Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D52010 libc: mark ai_errlist as const 2025-08-19T21:22:30Z Konstantin Belousov kib@FreeBSD.org 2025-08-19T02:57:34Z urn:sha1:47d1788c2e984f99521fd5b31194f96d94bf8a6b Reviewed by: emaste, glebius Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D52010 libc: convert ai_errlist array to designated initializers syntax 2025-08-19T21:22:26Z Konstantin Belousov kib@FreeBSD.org 2025-08-19T02:55:24Z urn:sha1:632f7051709da98d4c9e59f11404f00d456b592c Reviewed by: emaste, glebius Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D52010 libc: Disable debugging code in the resolver. 2025-07-24T14:01:00Z Dag-Erling Smørgrav des@FreeBSD.org 2025-07-24T14:01:00Z urn:sha1:cd0756cef21079104967969e275c18b84dc45053 Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D37319 link_addr: be more strict about address formats 2025-05-15T00:02:52Z Lexi Winter ivy@FreeBSD.org 2025-05-14T22:02:59Z urn:sha1:a1215090416b8afb346fb2ff5b38f25ba0134a3a instead of accepting any character as a delimiter, only accept ':', '.' and '-', and only permit a single delimiter in an address. this prevents accepting bizarre addresses like: ifconfig epair2a link 10.1.2.200/28 ... which is particularly problematic on an INET6-only system, in which case ifconfig defaults to the 'link' family, meaning that: ifconfig epair2a 10.1.2.200/28 ... changes the Ethernet address of the interface. bump __FreeBSD_version so link_addr() consumers can detect the change. Reviewed by: kp, des Approved by: des (mentor) Differential Revision: https://reviews.freebsd.org/D49936 libc: add link_ntoa_r() 2025-05-07T09:52:04Z Lexi Winter ivy@FreeBSD.org 2025-05-07T09:34:08Z urn:sha1:da509c29089ab169b667ebdf82aa903987ba9c6d this is a re-entrant version of link_ntoa. use an in-out parameter for the buffer size, so the user requires at most two calls to determine the needed size. reimplement link_ntoa using link_ntoa_r with a static buffer. Reviewed by: des Approved by: des (mentor) Differential Revision: https://reviews.freebsd.org/D50202