mode. This addresses a well-known race condition that can cause
servers to hang in accept(). The relevant case is when somebody
connects to the server and then immediately kills the connection
by sending a TCP reset. On the server this causes select to report
a ready condition on the socket, after which the accept call blocks
because there is no longer any pending connection to accept.
In -current there is already a work-around for this in the kernel.
It was merged into -stable some time ago, but then David Greenman
reverted it because it seemed to be causing a socket leak in some
cases. (See uipc_socket.c revision 1.51.2.3.) Hence this userland
fix is needed in -stable, and I plan to merge it into that branch
soon because it fixes a potential DoS attack. It may also be needed
in -current if the suspected socket leak turns out to be real. In
any case, after thinking it over I believe the fix belongs in
userland. An application shouldn't assume that a ready return from
select guarantees that the subsequent I/O operation cannot block.
A lot can happen between the select and the accept.
A similar fix should most likely be applied to the Unix domain
socket transport too.
Submitted by: peter
Reviewed by: jdp
It used to loop back up to the accept() call and block there,
shutting out all other transports until a new connection came in.
Now it returns instead after dropping the connection. That will
take it back to the select() loop where all transports can be
serviced. I intend to MFC this within a day or two since it
fixes a DoS vulnerability.
This fixes some nasty procfs problems for SMP, makes ps(1) run much faster,
and makes ps(1) even less dependent on /proc which will aid chroot and
jails alike.
To disable this facility and revert to previous behaviour:
sysctl -w kern.ps_arg_cache_limit=0
For full details see the current@FreeBSD.org mail-archives.
which is zero-based.
Correct the range checking for the value taken for %S.
Add %w for the day of the week (0-6).
Accept (but do nothing with) %U and %W. The comment for this change was
taken from NetBSD.
These changes were made after several failed attempts to contact the
author of our strptime.c .
PR: 10131
Submitted by: tadf@kt.rim.or.jp (Tadayoshi Funaba)
should close all outstanding PRs on incorrect inet_aton behavior, and
since it has a decent parsing routine, doesn't allow some hysterically
working behavior.
PR: 13628
Submitted by: Adrian Chadd <adrian@FreeBSD.org>
next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
setjmp() gets the jmp_buf pointer from the wrong place (the place
where the return address is) in the shlib case, and uses it (only)
to fetch the current signal mask to address (return_address + 28).
This address is normally read-only (I hope), so the sigprocmask()
call has no effect except to return an error code.
\end{quote}
Submitted by: bde
the code, which seems to implement the POSIX requirements, and
have described the behavior here. Basically, it behaves the same
as select(2).
Noticed by: John Polstra
to call osigaction(). But that's wrong because it causes the
handler to receive a struct osigcontext instead of the expected
struct sigcontext. Use sigaction() instead, copying the compatible
portion of the signal mask.
Reviewed by: marcel
-----------------------------
Most of the userland changes are in libc. For both the alpha
and the i386 setjmp has been changed to accomodate for the
new sigset_t. Internally, libc is mostly rewritten to use the
new syscalls. The exception is in compat-43/sigcompat.c
The POSIX thread library has also been rewritten to use the
new sigset_t. Except, that it currently only handles NSIG
signals instead of the maximum _SIG_MAXSIG. This should not
be a problem because current applications don't use any
signals higher than NSIG.
There are version bumps for the following libraries:
libdialog
libreadline
libc
libc_r
libedit
libftpio
libss
These libraries either a) have one of the modified structures
visible in the interface, or b) use sigset_t internally and
may cause breakage if new binaries are used against libraries
that don't have the sigset_t change. This not an immediate
issue, but will be as soon as applications start using the
new range to its fullest.
NOTE: libncurses already had an version bump and has not been
given one now.
NOTE: doscmd is a real casualty and has been disconnected for
the moment. Reconnection will eventually happen after
doscmd has been fixed. I'm aware that being the last one
to touch it, I'm automaticly promoted to being maintainer.
According to good taste this means that I will receive a
badge which either will be glued or mechanically stapled,
drilled or otherwise violently forced onto me :-)
NOTE: pcvt/vttest cannot be compiled with -traditional. The
change cause sys/types to be included along the way which
contains the const and volatile modifiers. I don't consider
this a solution, but more a workaround.
required to be "announced" by a new bit in sa_flags to indicate the
program is aware of and has taken care of them. eg: SA_SIGINFO means
the program has used the sa_siginfo field (versus sa_handler).
sigaction, used to describe an action to be taken, is defined in the
header <signal.h> to include at least the following members:"
^^^^^^^^
A sigaction defined on stack with essentially random contents may have
just about anything underneath fields that the program doesn't know about.
It is not safe to delete the bzero.
