Sync libarchive with vendor including security fixes.
Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)
PR: 213092 (1)
MFC after: 1 week
Capsicum helpers are a set of inline functions which goal is to reduce
duplicated patterns used to Capsicumize applications.
Reviewed by: cem, AllanJude, bapt, ed, emaste
Differential Revision: https://reviews.freebsd.org/D8013
The setkey() and encrypt() functions are part of XSI, not the POSIX base
definitions. There is no strict requirement for us to provide these,
especially if we're only going to keep these around as undocumented
stubs. The same holds for des_setkey() and des_cipher().
Instead of providing functions that only generate warnings when linking,
simply disallow linking against them. The impact of this is relatively
low. It only causes two leaf ports to break. I'll see what I can do to
help out to get those fixed.
PR: 211626
The sysctl cannot fail. If it does fail on some FreeBSD derivative or
after some future change, just abort() so that the problem will be found
and fixed.
It's preferable to provide an arc4random() function that cannot fail and
cannot return poor quality random data. While abort() is not normally
suitable for a library, it makes sense here.
Reviewed by: ed, jonathan, markm
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8077
file descriptor for the given posix mqueue. Export the
timer_oshandle_np() symbol to get ktimer id for the given posix timer.
Requested by: Lewis Donzis <lew@perftech.com>
Reviewed by: jilles
Discussed with: kan
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
rS306534 did create bad cstyle by my mistake, correcting it.
Reviewed by: allanjude
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D8103
I've used this in a handful of RSS test applications. It is just some
very simple functions to fetch the RSS configuration, query the per-bucket
CPU set, and mark sockets as local to an RSS bucket. It should be sufficient
for both thread-based and process-based workloads.
(Yes, I wrote a manpage.)
This is based on some early RSS API and wrapper API work I did whilst
I was at Netflix. Thanks to Netflix for the very original work that
spawned this; thanks to Peter Grehan for his feedback about RSS APIs
and thanks to Jack Vogel and Navdeep Parhar for the NIC-facing side of the
APIs. These fed into the simple userland API I wrote up here.
Reviewed by: gallatin
s_{fabs,fmax,logb,scalb}{,f,l}.c may be built elsewhere with a higher
WARNS setting.
Reviewed by: ed
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8061
Also switch to the style used in the clang390-import branch to reduce
future conflicts.
Reviewed by: dim
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8039
It also turns off dependencies (bsdinstall, bsdconfig, dpv, tzsetup).
Reviewed by: dteske
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7969
build can break when different source files create the same target
files (case-insensitivity speaking). This is the case for object
files compiled with -fpic and shared libraries. The former uses
an extension of ".So", and the latter an extension ".so". Rename
shared object files from *.So to *.pico to match what NetBSD does.
See also r305855
MFC after: 1 month
Sponsored by: Bracket Computing
Differential Revision: https://reviews.freebsd.org/D7906
This helps to ensure we will not lose SIGINT sent by parent to child.
Reviewed by: sbruno, ngie
Sponsored by: DARPA, AFRL
Sponsored by: HEIF5
Differential Revision: https://reviews.freebsd.org/D7892
2) Implememt %u for GNU compatibility.
3) Don't forget to advance buf for %w/%u.
4) Fail with incomplete week (week 0) request and no such week in the
year.
5) Fix yday formula when Sunday requested and the week started from Monday.
6) Fail with impossible yday for incomplete week (week 0) and direct %w/%u
request.
7) Shift yday/wday to the first day of the year, if incomplete week
(week 0) requested and no %w/%u used.
MFC after: 7 days
have been added as some don't seem to be improvements over the libc C
implementation.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
it to lib/libc/tests/sys/Makefile [*]
Even though make -VPACKAGE and make -n install seem to do the right thing,
the effects are a bit different, depending on the build host.
MFC after: 1 week
Obtained from: HardenedBSD (af602f0db) [*]
Reported by: Oliver Pinter <oliver.pinter@hardenedbsd.org> [*]
Sponsored by: Dell EMC Isilon
It turns out that the path normalization that our brand new copy of
dirname(3) does is actually not allowed by the draft version of the
upcoming version of POSIX. It has to behave identically to the
dirname(1) utility.
This change replaces our new dirname(3) implementation by yet another
version that doesn't implement the path normalization logic; it merely
looks for the end of the directory name and overwrites that with a null
byte.
More details: See note #3370 at http://austingroupbugs.net/view.php?id=1073
PR: 212193
Reviewed by: emaste, jilles
Differential Revision: https://reviews.freebsd.org/D7790
needlessly
This is already being done by bsd.test.mk
The other subdirectory Makefiles were intentionally left alone
MFC after: 1 week
Sponsored by: Dell EMC Isilon
- Use _Bool to not require userspace to include stdbool.h.
- Make extattr.h usable without vnode_if.h.
- Follow i_ump to get cdev pointer.
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
build can break when different source files create the same object
files (case-insensitivity speaking). This is the case for _Exit.c
and _exit.s. Compile _Exit.c as C99_Exit.c
Reviewed by: sjg@
MFC after: completion
Sponsored by: Bracket Computing
Differential Revision: https://reviews.freebsd.org/D7893
Sync libarchive with vendor including important security fixes.
Issues fixed (FreeBSD):
PR #778: ACL error handling
Issue #745: Symlink check prefix optimization is too aggressive
Issue #746: Hard links with data can evade sandboxing restrictions
This update fixes the vulnerability #3 and vulnerability #4 as reported in
"non-cryptanalytic attacks against FreeBSD update components".
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Fix for vulnerability #2 has already been merged in r304989.
MFC after: 1 week
Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
libifconfig is still experimental and under active development.
To avoid making any ABI promises, mark the library as private
Suggested by: bapt
Reviewed by: kp
