summaryrefslogtreecommitdiffstats
path: root/lib/libc (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add missing second argument to FD_SET macro in example code snippet.tb2015-12-251-3/+3
| | | | | | Spotted and diff provided by d ! lowe () openmailbox ! org, thanks! ok schwarze@
* Both our manual and POSIX ask us to set the error indicator when anschwarze2015-12-241-2/+2
| | | | | | | encoding error occurs, so do it. While here, do not set errno after mbrtowc(3) failure; mbrtowc(3) already does that, and that behaviour is required by the standard. ok jca@ guenther@ "nice find" deraadt@
* gethostbyname2() and gethostbyaddr() need <sys/socket.h>; discussed withtim2015-12-191-6/+8
| | | | millert@
* Simplify return call of rand() and rand_r() to make it easier to read.tb2015-12-181-2/+2
| | | | | | | | | This is slightly less robust, but RAND_MAX must be one below a power of two in both variants anyway. Based on a suggestion by Matthew Martin. ok tedu@
* tweak previous;jmc2015-12-162-4/+5
|
* documents pledge(2) "dpath" promisesemarie2015-12-161-1/+6
| | | | | | with inputs from jmc@ ok jmc@ deraadt@
* Remove support for HOSTALIASES from the resolver. This "open and parsederaadt2015-12-167-81/+13
| | | | | | | | any file indicated by an environment variable" feature inside the resolver is incompatible with what pledge "dns" is trying to be. It is a misguided "feature" added way back in history which almost noone uses, but everyone has to assume the risk from. ok eric florian kettenis
* in pledged process, setuid/setgid/sticky bits should be ignored.semarie2015-12-161-2/+4
| | | | | | enforce it for mkfifo(2) and mknod(2) (with "dpath" promise). ok deraadt@
* s/begining/beginning/gmmcc2015-12-141-2/+2
|
* Remove calloc cast, give sizeof parens. No functional change.mmcc2015-12-121-2/+2
|
* "the the" -> "the" in commentmmcc2015-12-111-2/+2
|
* tiny sanity check on file sizetedu2015-12-101-1/+3
|
* use geteuid to make it easier for root to communicate.tedu2015-12-101-2/+2
| | | | reported by Jeunder Yu
* Integrate two patches originally from Daniel Micay.tedu2015-12-091-8/+76
| | | | | | | | | | | | 1. Optionally add random "canaries" to the end of an allocation. This requires increasing the internal size of the allocation slightly, which probably results in a large effective increase with current power of two sizing. Therefore, this option is only enabled via 'C'. 2. When writing junk (0xdf) to freed chunks (current default behavior), check that the junk is still intact when finally freeing the delayed chunk to catch some potential use after free. This should be pretty cheap so there's no option to control it separately. ok deraadt tb
* rewrite guts of getusershell() to avoid possibility of overflow.tedu2015-12-081-41/+45
| | | | | | | | instead of trying to allocate "just enough" memory based on the size of the file (which is mostly comments, in fact), allocate memory on demand. i.e., save memory by wasting it. also be a little stricter about parsing. after discussion with tobias. (with a bug fix from patrick keshishian) descended from bug glibc bug 18660 via tobias.
* Validate input files to prevent out of boundary accesses.tobias2015-12-061-63/+80
| | | | with input by and ok schwarze@
* Remove the /usr/share/nls/ exception from pledge(2). The libcbluhm2015-12-031-9/+5
| | | | | native language support was deleted a month ago at u2k15. OK semarie@ deraadt@
* use strlcat instead of strlcpy with modified arguments. ok deraadt@canacar2015-12-011-6/+5
|
* Document that "tty" provides read-write access to /dev/tty too.millert2015-12-011-4/+9
| | | | OK deraadt@
* modify getpw*(), getgr*(), and getgrouplist() functions to access thederaadt2015-12-013-4/+24
| | | | | | | | | YP lock file unconditionally. This hints to the kernel that a "getpw" operation is happening, even in the non-YP case. This looks like a gruesome hack, but helps refine the ways these functions are called and mandates the right pledge requests. Once the tree is fully annotated we will know better how to improve the backing store management. ok semarie espie beck
* Send Aviion to same place as Nova IIderaadt2015-12-011-5/+5
| | | | discussed with jsg
* Mention ksh along with csh when job control is discussed. ok deraadt@mmcc2015-12-011-3/+6
|
* Phrase allocation failure more clearly. ok deraadt@mmcc2015-12-011-3/+3
|
* change Xrs from now-defunct db(3) to dbopen(3); this wasn;t ajmc2015-11-304-17/+17
| | | | | | | straight replace: thanks both to schwarze and maja for feedback on how to rewrite parts; i've snuck in an rcs id->openbsd id change in dev_mkdb too;
* Add pledge "pf" which allows ioctls on pf(4). This will be used bybenno2015-11-291-2/+20
| | | | | relayd and other programs manipulating the packet filter. ok deraadt@
* remove the "YP server for domain %s not responding, still trying" code.deraadt2015-11-261-15/+1
| | | | | | | | | For years, it talked to stderr. That was wrong. Then it was converted to opening /dev/tty, which is also wrong (pledge says so). Upon reconsideration people in these more modern times have adapted to all sorts of services not being available, so axe the alert and retry silently. ok beck
* group_from_gid: use _GR_BUF_LEN instead of _PW_BUF_LENjcs2015-11-251-2/+2
|
* Wrap <icdb.h> so that calls go direct and the symbols are all weakguenther2015-11-252-1/+47
| | | | ok tedu@
* Make using a deprecated function an error instead of just a warningguenther2015-11-251-1/+5
| | | | ok millert@ kettenis@
* syslog() here is pointless; ok millertderaadt2015-11-251-2/+0
|
* Rather than using syslog(3) (which pulls in snprintf), creating the reportderaadt2015-11-251-4/+14
| | | | | | | | string using simpler strings functions and use sendsyslog2() directly. Also, use the LOG_CONS flag so that single-user reports are more clear. Use a buffer size of 1024 (from bluhm) discussed with guenther and matthew ok millert
* Add a syscall stub for sendsyslog2(2), and use it in syslog_r(3), passingderaadt2015-11-253-22/+9
| | | | | | LOG_CONS to the kernel. As a result, the /dev/console opening code can be removed. ok kettenis millert beck
* Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} withinmillert2015-11-2412-103/+72
| | | | | | | libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@
* fix an error in NAME; ok schwarzejmc2015-11-241-3/+3
|
* Document that these functions are now in strings.h.daniel2015-11-247-19/+22
| | | | ok millert@
* Don't fake a bulleted list by prefixing items with 'o'.bentley2015-11-241-8/+8
| | | | ok jmc@
* Remove support for "lookup yp" in /etc/resolv.conf. This historicalderaadt2015-11-234-239/+7
| | | | | | | | wart is incompatible with pledge, because suddenly a "dns" operation needs "getpw" access to ypbind/ypserv, etc. file + dns access is enough for everyone, sorry if you were using that old SunOS 4.x style mechanism, but it is now gone. ok semarie millert florian
* point to mount_mfs(8), not mfs(8);jmc2015-11-231-3/+3
|
* point to netintro(4) rather than (now removed) networking(4);jmc2015-11-212-6/+6
|
* Document that the status argument may be NULL; OK millert@tim2015-11-201-3/+4
|
* typo tcgetpgrp -> tcsetpgrptb2015-11-201-3/+3
| | | | ok mmcc@, yes... deraadt@
* mlinks for _shadowtedu2015-11-181-1/+2
|
* document the _shadow functionstedu2015-11-181-5/+17
|
* add a version field to prevent mayhem if different data gets storedtedu2015-11-181-3/+7
|
* update for new symbols and codetedu2015-11-183-3/+16
|
* Add icdb, the internal c database. A simpler replacement for the oldtedu2015-11-181-0/+367
| | | | Berzerkeley DB code.
* Add _shadow variants to the two popular getpw functions (uid and nam).tedu2015-11-182-15/+69
| | | | | | | | | This version of the function will always open the secure/shadow/master password files. Soon, the regular variants of these functions will not. (Intermixing shadow and regular gets a little weird; don't do that.) Not using struct spwd and getspwnam functions to reduce churn in callers. Should just be a one line diff in most places. ok deraadt
* rob pierce spotted a mistake left by jmcderaadt2015-11-181-3/+3
|
* change passwd caches to be 4-way "associative". still primitive, but atedu2015-11-171-24/+62
| | | | little better than winner take all caching.
* minor tweaks;jmc2015-11-162-4/+4
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.