| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
| |
counterparts but return memory in pages marked MAP_CONCEAL and on
free() freezero() is actually called.
|
|
|
|
|
|
|
|
|
|
|
| |
They were originally defined in one way, then RFC822 erroneously
redefined them the opposite way, then RFC5322 said they can no
longer be used reliably.
So return NULL like FreeBSD, DragonFly, glibc, and musl do.
Issue reported by Hiltjo Posthuma <hiltjo at codemadness dot org>.
Deletion suggested by tedu@ and deraadt@.
Feedback and OK on the patch from tedu@.
|
|
|
|
| |
ok mortimer@
|
| |
|
| |
|
| |
|
|
|
|
| |
While here, stop describing the default (wrong place to be so specific)
|
| |
|
|
|
|
|
|
| |
value is given for the off. found by nagasaka at IIJ.
ok deraadt
|
|
|
|
|
|
|
|
|
|
|
|
| |
Doing the fchown call causes pledge("tmppath") to be insufficient and the
the umask dance may cause race-conditions in multithreaded applications.
Also POSIX states the following nowadays:
implementations may restrict the permissions, either by clearing the file
mode bits or setting them to the value S_IRUSR | S_IWUSR.
Encouraging words from tedu@
Standards verification and OK millert@
|
|
|
|
|
| |
reported by Fabio Scotoni <fabio at esse dot ch>;
also garbage collect one .Tn while here
|
| |
|
| |
|
|
|
|
|
|
| |
obvious misconfigurations that cannot work.
OK mpi@ tedu@
|
|
|
|
|
|
| |
that includes retguard code.
ok mortimer@
|
|
|
|
|
|
| |
gadgets from libc.
ok deraadt@, kettenis@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While POSIX appears to allow the old behaviour of ignoring "oldloc",
Ted and Karl convinced me that is a bug in the spec and the Austin
group almost certainly intended to require the new behaviour.
Anyway, compatibility strongly suggests the new behaviour because
most (or maybe even all?) other systems do not ignore "oldloc",
and some software appears to depend on the copying from "oldloc"
to the new locale.
Issue analyzed and reported by Karl Williamson <public at
khwilliamson dot com> with support from the Perl 5 community.
This final diff is similar to two earlier diffs from Ted,
but handles invalid input in a mode robust way.
OK tedu@.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No other (known) BSD-derived adjtime(2) implementation checks for overflow
when converting delta into its final denomination of fractional seconds.
This is peculiar, as the call originates in 4.3BSD.
However, glibc, uclibc, and (to an extent) musl /do/ check the input and set
EINVAL if it exceeds a certain bound, so we'll just use the errno that they
use to be consistent with extant practice.
Prompted by the comment kettenis@ left when we switched to storing the
adjustment in an int64_t like ~5 years ago (kern_time.c,v 1.87).
Positive feedback from deraadt@, manpage bits ok jmc@,
no code complaints from otto@ or tedu@.
|
| |
|
| |
|
|
|
|
|
| |
by realpath(3). This will go away post 6.5.
ok deraadt@
|
|
|
|
|
|
|
|
|
| |
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read. We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that.
|
|
|
|
|
|
| |
There is no point in checking permissions of files in root-owned
directories. If it even was a problem, secure_path(3) suffers from
unsolvable TOCTOU issues. OK deraadt@
|
|
|
|
| |
ok jmc@
|
|
|
|
| |
patch from Peter Piwowarski <peterjpiwowarski at gmail dot com>
|
| |
|
|
|
|
| |
ok deraadt@
|
|
|
|
|
| |
shared one manpage.
ok florian@
|
|
|
|
|
| |
and avoid an anachronistic wording found by deraadt@;
joint work with deraadt@
|
|
|
|
|
| |
a Internet address -> an Internet address
and sort SEE ALSO
|
| |
|
|
|
|
|
|
|
| |
fflush() as the variable is stack based (no possible concurrent access).
call directly __sflush()
ok visa@ deraadt@
|
|
|
|
|
|
|
|
|
| |
Since strftime(3)'s %e conversion specification preceeds single digits by a
blank, do the converse here to allow safe data round trips through these
functions with the same format string.
Positive feedback tedu deraadt,
OK millert jca
|
|
|
|
|
|
|
|
|
| |
This implementation reduces contention because threads no longer need
to spin calling sched_yield(2) before going to sleep.
Tested by many, thanks!
ok visa@, pirofti@
|
|
|
|
| |
Pointed out by pirofti@ while reviewing my rwlock impl. based on this one.
|
|
|
|
| |
OK claudio@ and jca@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This lets witness(4) save a stack trace on each lock acquisition.
The saved traces can be viewed in ddb(4) when showing the currently
held locks, which may help when debugging incorrect locking.
Sample output:
ddb{0}> show all locks
Process 63836 (rm) thread 0xffff8000221e52c8 (435004)
exclusive rrwlock inode r = 0 (0xfffffd8119a092c0) locked @ /usr/src/sys/ufs/ufs/ufs_vnops.c:1547
#0 witness_lock+0x419
#1 _rw_enter+0x2bb
#2 _rrw_enter+0x42
#3 VOP_LOCK+0x3f
#4 vn_lock+0x36
#5 vfs_lookup+0xa1
#6 namei+0x2b3
#7 dounlinkat+0x85
#8 syscall+0x338
#9 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff81e6a5f0) locked @ /usr/src/sys/arch/amd64/amd64/intr.c:525
#0 witness_lock+0x419
#1 syscall+0x2b6
#2 Xsyscall+0x128
The saving adds overhead, so it is not enabled by default. It can be
taken into use by setting sysctl kern.witness.locktrace=1 at runtime
or by defining WITNESS_LOCKTRACE in the kernel configuration.
Feedback and OK anton@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use these all over the tree so they ought to be documented on a
separate page; move them out of getitimer.2 into timeradd.3. While
moving, clean up the language and markup here and there.
Still needs to be added to share/man/man3/Makefile, pending any further
cleanup in-tree.
With input from schwarze@, jmc@, and millert@.
"looks great" deraadt@, "(ok)" jmc@, ok tedu@,
"we'll spruce it up in-tree" schwarze@
|
| |
|
|
|
|
|
|
|
|
| |
When an invalid regular expression is passed, seterr() is called which
sets p->error to the appropriate error code and sets p->next and
p->end to nuls[]. However, p->next is decremented in the default
case in p_ere_exp() and p_simp_re() which makes it point to one
byte before nuls[]. From FreeBSD. OK tedu@ deraadt@
|
|
|
|
| |
This requires a libc major version bump. OK deraadt@
|
| |
|
|
|
|
|
|
| |
dereferencing it.
ok kettenis@, visa@
|
|
|
|
|
|
|
|
| |
The new node contains the subsystem's main control variable,
kern.witness.watch. It is aliased by the old name, kern.witnesswatch.
The alias will be removed in the future.
OK anton@ mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
POSIX allows for one extra second in a minute, i.e. "23:59:60", so that leap
seconds can be parsed. They don't allow for *two* extra seconds, i.e.
"23:59:61", though.
Typo introduced in NetBSD lib/libc/time/strptime.c,v1.3.
ok krw@ bcook@ tedu@
|
| |
|
| |
|
|
|
|
|
|
| |
net.inet.ipcomp.enable.
ok deraadt@ bluhm@
|