| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
Manpage input from jmc@ and schwarze@, archaeological input from schwarze@.
ok schwarze@
|
| |
|
|
|
| |
checks userland-parsing vs kernel parsing, we are hoping to spot another
bug..
|
| |
|
|
| |
calling it until those are fixed.
|
| |
|
|
|
| |
None will all it, but this is the mechanism by which ramdisk build
determines which .o files to build for it's libraries.
|
| |
|
|
|
|
|
|
| |
For now, this also still uses the existing realpath implmentation
and emits a syslog if we see differening results. Once we have run
with that for a little while we will remove the old code
ok deraadt@
|
| |
|
|
|
|
|
| |
other man pages do.
ok schwarze@ guenther@ on socket(2). "Similar" tweak on accept(2)
requested by guenther@.
|
| |
|
|
| |
Fixes malloc_conceal...freezero with malloc options C and/or G.
|
| |
|
|
|
| |
triggered by a question from Jan Stary <hans at stare dot cz> on misc@;
OK otto@
|
| |
|
|
|
|
| |
i.e. those other than LC_CTYPE, into the CAVEATS section, and
standardize wording somewhat.
OK jmc@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
to avoid leaking it
ok deraadt@
|
| |
|
|
|
| |
jmc@ noticed that the text wasn't completely clear;
OK jmc@
|
| | |
|
| |
|
|
|
|
| |
No binary change when compiled with -g0.
Note that wcsftime.c did not even compile without TM_ZONE.
OK millert@
|
| |
|
|
|
| |
and also delete spaces before tabs;
no object change
|
| |
|
|
|
| |
bug reported by Hiltjo Posthuma <hiltjo at codemadness dot org>;
feedback and OK millert@, OK tedu@
|
| |
|
|
|
| |
patch from Hiltjo Posthuma <hiltjo at codemadness dot org>;
OK tedu@ millert@
|
| |
|
|
|
| |
counterparts but return memory in pages marked MAP_CONCEAL and on
free() freezero() is actually called.
|
| |
|
|
|
|
|
|
|
|
|
| |
They were originally defined in one way, then RFC822 erroneously
redefined them the opposite way, then RFC5322 said they can no
longer be used reliably.
So return NULL like FreeBSD, DragonFly, glibc, and musl do.
Issue reported by Hiltjo Posthuma <hiltjo at codemadness dot org>.
Deletion suggested by tedu@ and deraadt@.
Feedback and OK on the patch from tedu@.
|
| |
|
|
| |
ok mortimer@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
While here, stop describing the default (wrong place to be so specific)
|
| | |
|
| |
|
|
|
|
| |
value is given for the off. found by nagasaka at IIJ.
ok deraadt
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Doing the fchown call causes pledge("tmppath") to be insufficient and the
the umask dance may cause race-conditions in multithreaded applications.
Also POSIX states the following nowadays:
implementations may restrict the permissions, either by clearing the file
mode bits or setting them to the value S_IRUSR | S_IWUSR.
Encouraging words from tedu@
Standards verification and OK millert@
|
| |
|
|
|
| |
reported by Fabio Scotoni <fabio at esse dot ch>;
also garbage collect one .Tn while here
|
| | |
|
| | |
|
| |
|
|
|
|
| |
obvious misconfigurations that cannot work.
OK mpi@ tedu@
|
| |
|
|
|
|
| |
that includes retguard code.
ok mortimer@
|
| |
|
|
|
|
| |
gadgets from libc.
ok deraadt@, kettenis@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While POSIX appears to allow the old behaviour of ignoring "oldloc",
Ted and Karl convinced me that is a bug in the spec and the Austin
group almost certainly intended to require the new behaviour.
Anyway, compatibility strongly suggests the new behaviour because
most (or maybe even all?) other systems do not ignore "oldloc",
and some software appears to depend on the copying from "oldloc"
to the new locale.
Issue analyzed and reported by Karl Williamson <public at
khwilliamson dot com> with support from the Perl 5 community.
This final diff is similar to two earlier diffs from Ted,
but handles invalid input in a mode robust way.
OK tedu@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
No other (known) BSD-derived adjtime(2) implementation checks for overflow
when converting delta into its final denomination of fractional seconds.
This is peculiar, as the call originates in 4.3BSD.
However, glibc, uclibc, and (to an extent) musl /do/ check the input and set
EINVAL if it exceeds a certain bound, so we'll just use the errno that they
use to be consistent with extant practice.
Prompted by the comment kettenis@ left when we switched to storing the
adjustment in an int64_t like ~5 years ago (kern_time.c,v 1.87).
Positive feedback from deraadt@, manpage bits ok jmc@,
no code complaints from otto@ or tedu@.
|
| | |
|
| | |
|
| |
|
|
|
| |
by realpath(3). This will go away post 6.5.
ok deraadt@
|
| |
|
|
|
|
|
|
|
| |
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read. We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that.
|
| |
|
|
|
|
| |
There is no point in checking permissions of files in root-owned
directories. If it even was a problem, secure_path(3) suffers from
unsolvable TOCTOU issues. OK deraadt@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
patch from Peter Piwowarski <peterjpiwowarski at gmail dot com>
|
| | |
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
|
| |
shared one manpage.
ok florian@
|
| |
|
|
|
| |
and avoid an anachronistic wording found by deraadt@;
joint work with deraadt@
|
| |
|
|
|
| |
a Internet address -> an Internet address
and sort SEE ALSO
|
| | |
|
cheloha
deraadt
beck
krw
otto
schwarze
tb
guenther
claudio
tedu
jmc
yasuoka
martijn
anton
visa
kettenis
mortimer
millert
rob
kevlo
benno