and forgot what I was trying to do originally and accidently zapped
a feature. :-] The problem is that we are converting a counted buffer in
a malloc pool into a null terminated C-style string. I was calling realloc
originally to shrink the buffer to the desired size. If realloc failed, we
still returned the valid buffer - the only thing wrong was it was a tad
too large. The previous commit disabled this.
This commit now handles the three cases..
1: the buffer is exactly right for the null byte to terminate the
string (we don't call realloc).
2: it's got h.left = 0, so we must expand it to make room. If realloc
fails here, it's fatal.
3: if there's too much room, we realloc to shrink it - a failed realloc
is not fatal, we use the original buffer which is still valid.
Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Various cleanup from Keith Bostic
Reinstate calloc() as a separate funtion, in its own source/object file.
leave the manpage integrated with malloc.3 and friends. Too many things
were broken in this respect.
PR: 4002
Reviewed by: phk
Submitted by: Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Submitted by: Keith Bostic <bostic@bostic.com>
Only call malloc() if the fd is too big for the compiled in fd_set size,
and don't use calloc either. This should reduce the impact of conflicts
with private malloc implementations etc. When using the fd_set on the
stack, only zero what is needed rather than all 1024 bits like FD_ZERO did.
Various portability and stylistic cleanups.
Kill MALLOC_STATS & the 'D' option.
Fix the 'V' option.
Major overhaul of the man-page.
You milage should not vary.
Reviewed by: Keith Bostic <bostic@bostic.com>
Submitted by: Keith Bostic <bostic@bostic.com>
The logic in get_myaddress() is broken: it always returns the loopback
address due to the following rule:
if ((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET &&
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
The idea is that we want to select the interface address only if it's
up and it's in the AF_INET family. If it turns uout we don't have
such an interface available, we make a second pass through the loop,
this time settling for the loopback interface. But the logic inadvertently
locks out all cases when loopback == 0, so nothing is ever selected until
the second pass (when loopback == 1).
This is changed to:
if (((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET) ||
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
which I think does the right thing.
This is yet another bogon I discovered during NIS+ testing; I need
get_myaddress() to work correctly so that the callback code in the
client library will work.
srandomdev(), but can be used inside libraries. random() can't be used
inside libraries because it breaks its possible predictable sequence.
arc4random() is true random as designed, so its usage is library-safe.
Obtained from: OpenBSD
implement (better) falback code inside srandomdev() itself.
Change return type from int to void (binary compatibility surprisely
achieved). Userland code will be changed soon.
The addition of the nanosleep syscall was correctly added to
libc/sys/Makefile so that it is renamed as _thread_sys_nanosleep().
This syscall is one of those that libc_r has to re-implement because
the only behaviour is to block the process. So libc_r just ignores the
fact that a nanosleep syscall exists and goes its own way - as it has
done all along .... and now it does again. And now a simple program
can sleep again. Phew.
Malloc cannot use pthread_mutex_init() to initialize a mutex because
the mutex initialization process does a malloc!
libc_r internals skip the malloc and assign an initializer to a static
structure and point the opaque type (pthread_mutex_t in this case) to
that structure. This is done on the assumption that the mutex will never
be destroyed. This style of initialization is only valid inside libc_r
because the structure that is assigned is opaque to the user.
This fix allows a simple program to get to main() again. 8-)
semantics of the old sleep for compatability with a few decades of expected
side effects. Apache breaks if we just use nanosleep() for some reason,
here we use a new signanosleep() syscall which is kinda like a hybrid of
sigsuspend and nanosleep..
Reviewed by: ache (and tested on his apache that was failing when
sleep used plain nanosleep)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.
This code is in production in 2.2 based systems
-DUSE_NANOSLEEP. Also, seperate the code for _THREAD_SAFE so that it uses
the simpler threaded nanosleep() call in libc_r.. We don't go to the same
extremes for emulating traditional sleep semantics (ie: eating any SIGALRM
that might happen) which things like apache seem to depend on.
- bde's change to includes section in getrpcent.3
- Lost comment in svc_run.c (the code here was actually the same since
I had fixed the 'fds + 1' bug in my stuff at home before mailing
Peter about it, but I didn't notce that he'd made a change to the
comment right above the changed line).
Also pointed out by the ever vigilant: bde
This concludes tonight's entertainment. Once I'm sure I haven't destroyed
the world with all these changes, I'll import the utilities. Everything
should continue to work as before. If it doesn't let me know.
Special thanks to Mark Murray for running a test 'make world' for me to
shake out the bugs, which, hopefully, I have fixed.
(And there was much rejoicing.)
Note: you'll need to rinstalkl all your includes before compiling libc
the next time you update your sources in order for all this to work.
Reviewed by: Mark Murray
ppp (or will be shortly). Natd can now be updated to use
this library rather than carrying its own version of the code.
Submitted by: Charles Mott <cmott@srv.net>
visible type names in prototypes in user space headers. libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?
value, it appears as though the semantics of usleep are that it doesn't
return early. (only in the nanosleep code - the setitimer code does this
already)
(nanosleep) breaks Apache httpd badly: his childs died quickly after
number of requests (SIGPIPE). To reproduce this bug start
gdb /usr/local/sbin/httpd
run -X
and make some bunch of concurent requests (load the server pages
from 3 different places f.e.)
After short time httpd dies via SIGPIPE. It never dies with old sleep.c
In real life it looks like lots of broken images on the pages or missing
pages. Lynx says about Network read error, etc.
It seems something wrong in nanosleep signal handling.
back as designed in *BSD
Also it not violates current standards but
1) No other Unixes have this feature
2) It broke Kerberos5 (isprint) and God knows what else
(not all vendors will agree to treat FreeBSD as special case for support
since (1))
2) Give false localization sense (programs mimic to be 8859-1
localized) which prevents true localization.
bumped only 0.1 or 1.0 between releases. (See handbook.)
Note that if you have built world in -current in the last 48 hours or
so, you should manually remove /usr/lib/libutil.so.2.3 before
rebuilding world to cleanse your system.
o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.
o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.
o umask() only set once, and only if requested.
o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.
o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.
o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]
o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.
o We no longer pretend to support rlim_t as a long type.
o Revised code formatting to be more bsd-ish style.
so that all these makefiles can be used to build libc_r too.
Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.
Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
and FNM_LEADING_DIR were specified and the pattern ended with "*".
Example: pattern="src/usr.sbin/w*", string="src/usr.sbin/watch/watch.8,v".
This should match, but did not.
- dependencies actually work (I need this to propagate some fixes
in <machine/asm.h>)
- the cpp pipeline goes away, so errors can't leak out of it and
an ANSI cpp is automatically used.
- it's simpler - standard rules get used instead of repetitive
special rules. (This showed bugs in the strip steps in the
standard rules. The wrong strip flag was also used for *.po
here.)
Removed some ${ECHO}s and `@'s. Normal make echoing of what is
being done is now not much more verbose than the echo messages
were, and is more useful.
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
- use a slightly less bogus copyright. This file was never contributed
to Berkeley. It still claims to be copright by the Regents.
- use <machine/asm.h> instead of "DEFS.h".
- use RCSID($Id$) instead of explicit assembly code and messy ifdefs.
The rcsid won't be put into the object file until we make RCSID()
non-null. NetBSD uses a LIBC_SCCS ifdef here. We used a LIBC_RCS
instead, but I want RCSID() to be controlled directly by LIBC_RCS
(actually by LIB_RCS). This is the only difference with the NetBSD
version.
- added ifdefs to support generation of memcpy() and memmove(). The
other changes are "while I'm here" to get this.
- improved style of the copy backwards case.
TTY_NETWORK (network), TTY_DIALUP (dialup), which determine a basic
connection type. TTY_DIALUP in particular will replace the old out of
date heuristic "tty[dD]*" in login.c (and better than the current
hard-coded method).
`void __set_ospeed(long);' in the appropriate header.
The implementation still uses speed_t instead of long. This
will break properly when speed_t is fixed (speed_t shall be
unsigned ...).
the src/contrib/tcl directory existing, and also have an /etc/make.conf
override (NOTCL) to stop building libtcl. This is in similar other
things from src/Makefile, eg: NOGAMES, NOLKM, etc.
This is so that people can put in a refuse entry in their cvsup files and
not fetch the tcl code, and have it not built automatically. I'll do
something similar for perl.
common. Add one do-nothing element to each set. This ensures that
the linker realizes that they are linker sets rather than simple
commons, and makes it possible to link c++rt0.o into every shared
library regardless of whether it is a C++ library or not. Without
this change, the constructors and destructors in the main program
could be executed multiple times.
This change is going to make it possible to get rid of the
CPLUSPLUSLIB makefile variable once and for all. It is a piece of
the solution to PR gnu/3505 (gcc -shared). Finally, it fixes a
heretofore unreported bug: If CPLUSPLUSLIB was set in a makefile
for a C++ shared library that had no static constructors or
destructors in it, then the main program's constructors and
destructors would be executed multiple times.
uid/gid in question was in the cache, but did not exist
in the password file. This causes the -nouser and -nogroup
options to find(1) to only print the first file owned by
an unknown user/group in some cases.
Use snprintf instead of sprintf to avoid buffer overflows
Use snprintf in uu_lockerr instead of lots of hardcoded constants
and not null-terminated strncpy
Return "" for OK and "device in use" for INUSE, it allows simple
strcpy(buf, uu_lockerr(retcode)) without testing for special OK
case (NULL was there) and obtaining meaningful result for INUSE
("" was there) without special testing for it too.
which don't provide a non-blocking interface.
This is a short term "fix" which changes a half-lose to a half-win.
The thread that accesses a device that does not provide a non-blocking
interface will block for its time slice.
A medium term solution would be to use rfork. A long-term solution
would be some sort of kernel thread/SMP implementation.
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Suggested by: ache@freebsd.org
passes on the status across fork/exec.
The previous version had some typos, referred to itself as link(2) in
one place :-), and didn't really match openbsd's implementation either.
Now that I've mentioned typos, hopefully our Typo Police and Xref Police
will be gentle with me. :-)
The sa_mask field specified in act is not allowed to block SIGKILL or
SIGSTOP. Any attempt to do so will be silently ignored.
Now where did I leave that pointy hat...
modern FreeBSD systems will syslog properly on older systems that
still name the logging socket "/dev/log". This includes pre-2.2
versions of FreeBSD as well as BSD/OS systems. If the connect to
"/var/run/log" fails, the function now tries to connect to
"/dev/log" as a fallback.
quoted individually. Quoting them all together sort of worked, except
for scsreq_build(), the long arg list was chopped near column 80, to
no avail since the closing parentheses was put on new line by itself.
Back out a dubious Lite2 change to "optimise" getcwd() to look at $PWD
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
The following commits already happened but the log message got lost:
Modified Files:
gen/Makefile.inc gen/getcwd.c stdlib/Makefile.inc
Removed Files:
gen/realpath.3
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
Bruce says that since NetBSD, OpenBSD and Linux currently
use ss_sp, we won't be changing it to the lite2 ss_base.
The type may change at some later date.
touch duplicate group suppression, but the merge blew away our
duplicate group suppression.
The merge also blew away the -Wall cleanup in rev.1.5, but that
was misformatted, so I didn't restore it.
but in one case the Lite2 changes were flat out wrong and
caused the man page to disagree with a header file.
There are still some *roff macro calls that were added that
I have yet to figure out what to do with in some of the man pages.
My changes to preserve errno across free() and close() and to report
fstat() errors properly were blown away.
Updated the FreeBSD changes to match the Lite2 style fixes.
Document that popen() can now create bidirectional pipes and handles.
Note that this needs to be updated since we have a native bidirectional
pipe and don't use socketpair() here.
style and b) the wrong logic. Should be strstr(s, "##") != NULL. (Note
that the passwd.adjunct stuff has not been merged into 2.2 so this bug
is not in that branch.)
The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
(to be compatibel with password database comments). '^[ \t]*\n$'
and small values:
hypotf(2.3819765e+38, 2.0416943e+38) was NaN instead of 3.1372484e+38
hypotf(-3.4028235e+38, 3.3886450e+38) was NaN instead of Inf
hypotf(-2.8025969e-45, -2.8025969e-45) was 0 instead of 4.2038954e-45
Found by: ucbtest
- 0 was returned instead of EOF when an input failure occured while
skipping white-space after 0 assignments. This fixes PR2606. The
diagnosis in PR2606 is wrong.
- EOF was returned instead of 0 when an input failure occurred after
zero assignments and nonzero suppressed assignments.
- EOF was spelled -1.
This should be in 2.2.
for now so that we don't lose library compatibility. Applications should
define _NEW_VFSCONF and use getvfsbyname() instead of new_getvfsbyname()
if they want the new vfsconf interface. Parts of the old interface
(enough to load vfs modules, I hope) are still available.