checks, including the "open directory" check or a MAC check fail,
after the working directory of the process has been changed, then
the cwd of the process will be left as the target directory rather
than the original directory.
At some point, this bug might be fixable by performing the directory
change only after permission is granted for the change. In the
mean time document it (it's been there for a while).
is finished. This fixes clients doing two RPCs over the
same connection at the same time. Without this fix, we
could end with a reply to old data.
Submitted by: Frank van der Linden <fvdl@netbsd.org>
Reviewed by: rwatson
Obtained from: NetBSD
a NULL filename argument allows a stream's mode to be changed. At the
moment it just recycles the old file descriptor instead of storing the
filename somewhere and using that to reopen the file, as the standard
seems to require. Strictly conforming C99 applications probably can't
tell the difference but POSIX ones can.
PR: 46791
to be called on first sight of trouble.
"sensitive" is somewhat arbitrarily defined as "setuid, setgid, uid == root
or gid == wheel".
The 'A' option carries no performance penalty.
It is not possible to override this setting: fix the program instead.
Absentmindedly nodded OK to by: various
o Link mac_get_pid.3 to mac_get.3
o Update SEE ALSO to refer to mac_prepare, and added missing references
o Remove clause #3 on my work
o Update mac_get.3 for the updated MAC API
Sponsored by: DARPA, Network Associates Laboratories
Obtained from: TrustedBSD Project
so that multiple opens of the same semaphore without an intervening
sem_close() return the same object, and so that sem_close() does not
segfault while trying to remove the item from the list.
putchar_unlocked(), putc_unlocked(), feof_unlocked(), ferror_unlocked(),
clearerr_unlocked(), and fileno_unlocked(). The first four are required
by POSIX. The rest are provided for consistency.
instead of unwinding the call stack. This makes them usable to switch
stacks, e.g. for libc_r.
Do not save the frame pointer in setjmp() and _setjmp(), it is not needed
any more.
Rename _longjmp() to ___longjmp(), with a weak alias to _longjmp(), like
the other architectures did.
o Call waitpid() if an error occurs after forking the child process
to avoid leaving zombies around.
o Handle the WRDE_DOOFS|WRDE_APPEND combination correctly
o Do not confuse $( substitution with $(( shell arithmetic
(noticed by wollman)
o Handle backslash escaping properly
o Allow $( and ${ to be quoted
As a side effect, it makes the code easier to read and requires less
pointer arithmetic.
Test by: strerror regression test
Submitted by: Tim Kientzle <kientzle@acm.org>
when the same pipe FILE is pclosed()'d in different threads, and to avoid
corrupting the linked list when adding or removing items. The symptoms of
the linked list getting corrupted were pclose() either not finding the pipe
on the list, or the list becoming circular and pclose() looping infinitely.
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.
Submitted by: Ryan Younce <ryany@pobox.com>
Reviewed by: security-officer@, standards@, mike@
This situation most notably arises in chkprintcap, when a /etc/printcap
entry has an empty rp= attribute. In that case, cgetmatch would enter
an infinite loop if any entry in the file has multiple names.
This causes lpd to hang at boot time on 5.0-DP2 when both conditions
are met (:rp=: and multiple names -- not necessarily on the same entry).
Reviewed by: roberto
a pointer and lack a prototype will have the return value (assumed
to be an integer) zero-extended to a pointer. On ia64 this is
unconditionally fatal as it zeroes-out the region bits, forming an
invalid pointer. Fix the sigsegv by including <stdlib.h>.
Pointy hat: bbraun
the -fpcc-struct-return calling convention properly instead of
returning garbage. This may break backwards compatibility with some old
binaries that were compiled when -fno-pcc-struct-return was the default.
o Fix an English error (comma splice) and poorly worded sentence.
o Fix KNF ordering of variables (pointers come before arithmetic types).
o Restore hand-optimization of sizeof()-1, instead of strlen().
o Remove unneeded local variables in strerror_r().
Test by: strerror regression test
Requested by: bde
Reviewed by: bde
strerror_r(). Doing this allows us to ensure that strerror_r() always
fills the supplied buffer regardless of EINVAL or ERANGE errors.
strerror()'s semantics have changed slightly such that an argument of
0 is now considered invalid and errno is set to EINVAL.
Remove internal regression test for strerror() and strerror_r(). This
will be reincarnated in src/tools/regression/lib/libc/string.
In strerror(3), add a comment about strerror()'s bogus return type.
PR: 44356
Stop calling system calls "function calls".
Use "The .Fn system call" a-la "The .Nm utility".
When referring to a non-BSD implementation in
the HISTORY section, call syscall a function,
to be safe.
from "unix" back to "local". Add some compat stuff so both
ways work for some time.
Reviewed by: phk
Approved by: imp (UPDATING)
Requested by: iedowse, lukem@netbsd.org
when trying to store the year in a signed int. The maximum time_t on ia64
is around 292 billion years in the future, but 'int' and struct tm.tm_year
can only represent then ext 2.1 billion years or so.
This solves the problem of mktime/localtime looping on ia64. Unfortunately,
the standards say that tm_year is an 'int', so we are still stuck with a
y2147483647 bug. bash2's configure script looks for bugs in mktime() and
fails on ia64 because of this. However, mktime() on FreeBSD fails the test
normally anyway so this is no big loss.
This change does not affect any other platforms besides ia64.
Approved by: re
been repo-copied from src/lib/libc/uuid to src/include. Update the
makefiles.
While in src/include/Makefile, reformat and resort INCS. Reverting
the functional change only involves removing uuid.h.
Pompted by: ru
I've no idea if this is the right behavior for the library, but this
at least fixes the build, and matches what seems to be alfred's intent
in the commit message for 1.19.
sysconf.c:
Use 'break' rather than 'goto yesno' in sysconf.c so that we report a '0'
return value from the kernel sysctl.
vfs_aio.c:
Make aio reset its configuration parameters to -1 after unloading
instead of 0.
posix4_mib.c:
Initialize the aio configuration parameters to -1
to indicate that it is not loaded.
Add a facility (p31b_iscfg()) to determine if a posix4 facility has been
initialized to avoid having to re-order the SYSINITs.
Use p31b_iscfg() to determine if aio has had a chance to run yet which
is likely if it is compiled into the kernel and avoid spamming its
values.
Introduce a macro P31B_VALID() instead of doing the same comparison over
and over.
posix4.h:
Prototype p31b_iscfg().
libc. I want to keep these in some version for the thread
library/ies, but don't know whether to have them repo-copied
to libc_r or renamed and kept in libc.
Change the name of an alpha macro that was changed with the
system call commit.
subsystems capabilities:
_SC_AIO_LISTIO_MAX returns the default of _POSIX_AIO_LISTIO_MAX
_SC_AIO_MAX returns the default _POSIX_AIO_MAX
_SC_AIO_PRIO_DELTA_MAX returns the default of 0
Without these adjustments the values returned are -1 even when the
aio side of the kernel returns '0' for them which is incorrect.
Noticed by: Craig Rodrigues <rodrigc@attbi.com>
architecture, mainly to avoid getting a SIGFPE signal sent
when calling strtod(3) with certain input.
The SIGFPE has been sent because the code was not aware that
a Gradual Underflow is handled in software via traps on the
Alpha architecture, but is not implemented in our Alpha kernel
layer.
With `Sudden_Underflow' defined, strtod(3) should not depend
on Gradual Underflow and adjust its calculations accordingly,
which means that other, more subtle errors than the sending of
SIGFPE could be solved by this.
Discussed with: bde
PR: alpha/12623
PR: alpha/17032
PR: alpha/43567
MFC after: 7 days
caused by dynamic PAM modules that call openlog(3) and closelog(3),
e.g. ports/security/pam_pwdfile.
What happened here is that the module first registered its "ident"
with openlog(3), then PAM library unloaded module with dlclose(3),
and the next call to syslog(3) resulted in SIGSEGV.
MFC after: 3 days
o Remove the unwanted smartness in _longjmp() where it compares
the current ar.bspstore with the saved ar.bspstore and restores
ar.rnat based on it. This either avoids saving ar.rnat in the
jmp_buf or is the consequence of not saving ar.rnat. All this
complexity breaks libc_r where we use longjmp() to switch to
different threads and the current ar.bspstore has no relation
to the saved ar.bspstore. Thus: we save ar.rnat in setjmp()
and simply restore ar.bspstore and ar.rnat in longjmp().
This code needs a cleanup.
entries in the table being stubs. While I'm here, add macros to
auto-generate the stubs. A conforming threads library can override
the stub routines by filling in the jump table.
Add some entries to namespace.h and sync un-namespace.h to it.
Also add a comment to remind folks to update un-namespace.h
when changing namespace.h.
Don't force 16-byte alignment at run-time. Do it at compile-time.
This saves us the pointer fiddling by the setjmp functions and
reduces complexity. While here, increase the jmp_buf by 16 bytes
to an even 512 bytes. Coincidentally, due to the way alignment
was handled prior to this change, the jmp_buf has not changed in
size, but only in how the space is used. Prior to this change
the 16 bytes were reserved for enforcing alignment; now they are
reserved by us for future extensions.
Therefore, this ABI breaker is relatively save: the failure is
always an alignment trap.
namely uuidgen(1), uuidgen(2) and uuid(3), the following division
has been choosen:
uuidgen(1) A description of the command line utility,
and other user oriented UUID information.
uuidgen(2) A mostly technical description of UUIDs.
uuid(3) A description of the functions and other
programmer oriented UUID information.
According to the division: add more technical contents.
Contributed by: Hiten Pandya <hiten@uk.FreeBSD.org>
Edited and enhanced: marcel
to be static for 5.0. I may remove this for 5.1 or 5.2. No more
binaries or libarires will be generated with __sF starting as of
yesterday. Originally the plan had been to eliminate this for 5.0,
but we didn't get the __std{in,out,err}p changes merged into -stable
until yesterday (rather than in September 2001 like it should have
been). Given that didn't happen on time, we can't do the other part
of the scheme now.
# Please do not change this without talking to me first.