src/lib/libutil, branch release/13.1.0FreeBSD source treehttps://cgit-dev.freebsd.org/src/atom?h=release%2F13.1.02021-11-01T00:44:51Zlibutil: add kinfo_getswapvmobject(3)2021-11-01T00:44:51ZKonstantin Belousovkib@FreeBSD.org2021-10-26T08:40:10Zurn:sha1:cfccf3baca5c26feb9fb4b72a980ea85d3f4f810
(cherry picked from commit f2069331e5821f4c2b65d82af2809946a34158d2)
login.conf.5: Mark passwordtime as implemented2021-10-15T13:14:53ZFelix Johnsonfelix.the.red@gmail.com2021-10-06T20:47:02Zurn:sha1:a9077f3e0c11a878bd4a8a729e1e9c3147c135e5
login.conf.5 listed passwordtime in RESERVED CAPABILITIES, which is a
section for capabilities not implemented in the base system. However,
passwordtime has been implemented in the base for several years now.
PR: 246099
Reported by: avg
Reviewed by: 0mp
MFC after: 3 days
(cherry picked from commit e7f8f3b95e1ff76765f1d2f4412b95f6ff5abe25)
pidfile test: guarantee nul termination of the read pid string2021-10-01T00:32:22ZKonstantin Belousovkib@FreeBSD.org2021-09-24T03:12:20Zurn:sha1:288a4784012ca3f2b2c2cb46e67d9c65cd55b5e0
PR: 258701
(cherry picked from commit 364790beafec707ca3e334683e4030684d829be2)
setclassenvironment: trim leading spaces in variable names2021-04-15T19:15:51ZYuri Pankovyuripv@FreeBSD.org2021-04-11T22:02:12Zurn:sha1:c6dcae2dfa3b96edc1fd8bbb6254c48fafbc8cd3
Trim leading spaces in variable names when the list is e.g.
pretty-formatted in /etc/login.conf or ~/.login_conf.
PR: 247947
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D25649
(cherry picked from commit eeaf9d562fe137e0c52b8c346742dccfc8bde015)
Change getlocalbase() to not allocate any heap memory2020-12-12T11:23:52ZStefan Eßerse@FreeBSD.org2020-12-12T11:23:52Zurn:sha1:6c2596f00c26085ed9e3544a415f5f275c41eaec
After the commit of the current version, Scott Long pointed out, that an
attacker might be able to cause a use-after-free access if this function
returned the value of the sysctl variable "user.localbase" by freeing
the allocated memory without the cached address being cleared in the
library function.
To resolve this issue, I have proposed the originally suggested version
with a statically allocated buffer in a review (D27370). There was no
feedback on this review and after waiting for more than 2 weeks, the
potential security issue is fixed by this commit. (There was no security
risk in practice, since none of the programs converted to use this
function attempted to free the buffer. The address could only have
pointed into the heap if user.localbase was set to a non-default value,
into r/o data or the environment, else.)
This version uses a static buffer of size LOCALBASE_CTL_LEN, which
defaults to MAXPATHLEN. This does not increase the memory footprint
of the library at this time, since its data segment grows from less
than 7 KB to less than 8 KB, i.e. it will get two 4 KB pages on typical
architectures, anyway.
Compiling with LOCALBASE_CTL_LEN defined as 0 will remove the code
that accesses the sysctl variable, values between 1 and MAXPATHLEN-1
will limit the maximum size of the prefix. When built with such a
value and if too large a value has been configured in user.localbase,
the value defined as ILLEGAL_PREFIX will be returned to cause any
file operations on that result to fail. (Default value is "/dev/null/",
the review contained "/\177", but I assume that "/dev/null" exists and
can not be accessed as a directory. Any other string that can be assumed
not be a valid path prefix could be used.)
I do suggest to use LOCALBASE_CTL_LEN to size the in-kernel buffer for
the user.localbase variable, too. Doing this would guarantee that the
result always fit into the buffer in this library function (unless run
on a kernel built with a different buffer size.)
The function always returns a valid string, and only in case it is built
with a small static buffer and run on a system with too large a value in
user.localbase, the ILLEGAL_PREFIX will be returned, effectively causing
the created path to be non-existent.
Differential Revision: https://reviews.freebsd.org/D27370
Add function getlocalbase() to libutil.2020-11-18T19:44:30ZStefan Eßerse@FreeBSD.org2020-11-18T19:44:30Zurn:sha1:30d21d279537e46629a697908d2d207c06bc310e
This function returns the path to the local software base directory, by
default "/usr/local" (or the value of _PATH_LOCALBASE in include/paths.h
when building the world).
The value returned can be overridden by 2 methods:
- the LOCALBASE environment variable (ignored by SUID programs)
- else a non-default user.localbase sysctl value
Reviewed by: hps (earlier version)
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27236
Revert the whole getlocalbase() set of changes while a different design is2020-11-15T20:24:59ZScott Longscottl@FreeBSD.org2020-11-15T20:24:59Zurn:sha1:8e1031086d40b9bd3fa255d92cc45573e3afed16
hashed out.
Because getlocalbase() returns -1 on error, it needs to use a signed type2020-11-15T07:48:52ZScott Longscottl@FreeBSD.org2020-11-15T07:48:52Zurn:sha1:85a5fe290b4700ad7f4673f653be77bc6ae0a4d0
internally. Do that, and make sure that conversations between signed and
unsigned don't overflow
Fix a problem with r367686 related to the use of ssize_t. Not sure how this2020-11-14T19:04:36ZScott Longscottl@FreeBSD.org2020-11-14T19:04:36Zurn:sha1:bcf9ae275153c1013b88e1332446474242607a80
escaped prior testing, but it should be better now.
Reported by: lots
Add the library function getlocalbase and its manual page. This helps to2020-11-14T17:57:50ZScott Longscottl@FreeBSD.org2020-11-14T17:57:50Zurn:sha1:98b76d2227cb9b951cc6f006e2c78f243344f1bc
unify the retrieval of the various ways that the local software base directory,
typically "/usr/local", is expressed in the system.
Reviewed by: se
Differential Revision: https://reviews.freebsd.org/D27022